关于 HSTS includeSubDomains 指令。这是否包括 example.com 下的每个子域。所以 abc.def.example.com 也包括在内?
在 RFC 中:
The OPTIONAL "includeSubDomains" directive is a valueless directive
which, if present (i.e., it is "asserted"), signals the UA that the
HSTS Policy applies to this HSTS Host as well as any subdomains of
the host's domain name.
这表示“任何”,我可以把它理解为每个子域,不管是什么级别。即 sub1.sub2.sub3.example.com 不仅仅是 sub3.example.com