The reason behind the browser blocking custom redirect domain with HSTS in AWS SES is because the HSTS (HTTP Strict Transport Security) policy mandates that once a user's browser has seen the HSTS header, it will only connect to that specific domain over HTTPS for a specified amount of time (usually a few months). This means that any attempts to redirect users to an HTTP version of the domain or a different domain will be blocked by the browser, as it goes against the HSTS policy. Therefore, to avoid this issue, it is recommended to use the default Amazon SES redirect domain, which is already configured with HSTS.
Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss
Asked: 2023-03-27 11:00:00 +0000
Seen: 20 times
Last updated: Oct 14 '21
What does the error "Invalid Required Domain" indicate for PayPal's Payflow Link and Payflow Pro?
What is the process to identify the IAM user who has recently registered a new domain on AWS?
Why are cookies not staying across different windows of the browser?
What is the process for redirecting the old domain to the new one using Firebase Hosting?
What does the custom domain feature of Gatsby-Cloud entail?
How can Active Directory be set up to enable LDAPmodify?
Is it possible to have distinct front-end and back-end applications within the same domain?