What is the “Upgrade-Insecure-Requests” HTTP header?
Short answer: it’s closely related to the Content-Security-Policy: upgrade-insecure-requests response header, indicating that the browser supports it (and in fact prefers it). It took me 30mins of Googling, but I finally found it buried in the W3 spec. The confusion comes because the header in the spec was HTTPS: 1, and this is how Chromium … Read more