关于HSTS includeSubDomains指令。这包括下面的每个子域吗? example.com。那么abc.def.example.com也包括在内?
在RFC中:
The OPTIONAL "includeSubDomains" directive is a valueless directive
which, if present (i.e., it is "asserted"), signals the UA that the
HSTS Policy applies to this HSTS Host as well as any subdomains of
the host's domain name.
这表明"任何",我可以将其视为每个子域,无论什么级别。即sub1.sub2.sub3.example.com不仅仅是sub3.example.com