cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Are HSTS Headers always placed on Dynatrace Managed web requests?

ssmeets
Guide

Hi,

The security team at one of my customers has said that the HSTS-header is not placed on the following URL's:

- https://XXXXX.dynatrace-managed.com/beacon/
- https://XXXXX.dynatrace-managed.com/bf/
- https://XXXXX.dynatrace-managed.com/ruxitagentjs_2bnr_0.js
- https://XXXXX.dynatrace-managed.com/v2

Is this a known issue? Can we expect the HSTS-Header to not be placed on these URL's, or should they also be placed on those URL's?

Thanks in advance!

Regards,

Sten

2 REPLIES 2

Radoslaw_Szulgo
Dynatrace Leader
Dynatrace Leader

First three endpoints are ActiveGate component endpoints are the excluded from hsts. The last one is part of REST API path and there’s no resource in that specific path anyway.

If you have more sensitive questions, open a support case.

Technical Product Manager,
Dynatrace Managed expert

Thank you!