As part of our ongoing commitment to strengthening our security measures, we are pleased to announce that over the coming months IcePortal will be moving to HTTP Strict Transport Security (HSTS) compliance in order to improve our security and the security of our customers.
HTTP Strict Transport Security (HSTS) is a policy mechanism that helps to protect websites against man-in-the-middle attacks such as protocol downgrade attacks[1] and cookie hijacking. It allows web servers to declare that web browsers (or other complying user agents) should automatically interact with it using only HTTPS connections, which provide Transport Layer Security (TLS/SSL), unlike the insecure HTTP used alone. HSTS is an IETF standards track protocol and is specified in RFC 6797.
Key Changes to Expect • HTTPS-Only Support: Any HTTP requests to iceportal.com will be redirected to HTTPS. • Secure Media Links: All medialinks (links to individual assets, players, or our media galleries) provided by our APIs, reports, and exports will be delivered as HTTPS regardless of whether HTTP is requested.
We anticipate that this change will not require any action on your end provided your servers already support HTTPS (which should be the case for all but very old “legacy” web sites and services). To facilitate a smooth transition, we will be implementing HSTS on our UAT (user test environment) servers on August 23 which will allow you to test compatibility with the change and ensure a seamless experience.
Key Milestones to Expect • Wednesday, October 4 o Links delivered by export feeds will all be changed to HTTPS (if they are not already HTTPS). o XML and JSON APIs will always provide links as HTTPS regardless of whether HTTP links are requested. • Tuesday, October 10 o All incoming HTTP requests will be redirected to HTTPS.
If you have any questions or concerns, please reach out to our support team at sdssupport@shijigroup.com .
Best regards, SDS Support Team
Posted Sep 28, 2023 - 13:09 UTC
Update
HTTP Strict Transport Security (HSTS)
As part of our ongoing commitment to strengthening our security measures, we are pleased to announce that over the coming months IcePortal will be moving to HTTP Strict Transport Security (HSTS) compliance in order to improve our security and the security of our customers.
HTTP Strict Transport Security (HSTS) is a policy mechanism that helps to protect websites against man-in-the-middle attacks such as protocol downgrade attacks[1] and cookie hijacking. It allows web servers to declare that web browsers (or other complying user agents) should automatically interact with it using only HTTPS connections, which provide Transport Layer Security (TLS/SSL), unlike the insecure HTTP used alone. HSTS is an IETF standards track protocol and is specified in RFC 6797.
Key Changes to Expect • HTTPS-Only Support: Any HTTP requests to iceportal.com will be redirected to HTTPS. • Secure Media Links: All medialinks (links to individual assets, players, or our media galleries) provided by our APIs, reports, and exports will be delivered as HTTPS regardless of whether HTTP is requested.
We anticipate that this change will not require any action on your end provided your servers already support HTTPS (which should be the case for all but very old “legacy” web sites and services). To facilitate a smooth transition, we will be implementing HSTS on our UAT (user test environment) servers on August 23 which will allow you to test compatibility with the change and ensure a seamless experience.
Key Milestones to Expect • Wednesday, October 4 o Links delivered by export feeds will all be changed to HTTPS (if they are not already HTTPS). o XML and JSON APIs will always provide links as HTTPS regardless of whether HTTP links are requested. • Tuesday, October 10 o All incoming HTTP requests will be redirected to HTTPS.
If you have any questions or concerns, please reach out to our support team at sdssupport@shijigroup.com .
Best regards, SDS Support Team
Posted Sep 28, 2023 - 13:08 UTC
Scheduled
HTTP Strict Transport Security (HSTS)
As part of our ongoing commitment to strengthening our security measures, we are pleased to announce that over the coming months IcePortal will be moving to HTTP Strict Transport Security (HSTS) compliance in order to improve our security and the security of our customers.
HTTP Strict Transport Security (HSTS) is a policy mechanism that helps to protect websites against man-in-the-middle attacks such as protocol downgrade attacks[1] and cookie hijacking. It allows web servers to declare that web browsers (or other complying user agents) should automatically interact with it using only HTTPS connections, which provide Transport Layer Security (TLS/SSL), unlike the insecure HTTP used alone. HSTS is an IETF standards track protocol and is specified in RFC 6797.
Key Changes to Expect • HTTPS-Only Support: Any HTTP requests to iceportal.com will be redirected to HTTPS. • Secure Media Links: All medialinks (links to individual assets, players, or our media galleries) provided by our APIs, reports, and exports will be delivered as HTTPS regardless of whether HTTP is requested.
We anticipate that this change will not require any action on your end provided your servers already support HTTPS (which should be the case for all but very old “legacy” web sites and services). To facilitate a smooth transition, we will be implementing HSTS on our UAT (user test environment) servers on August 23 which will allow you to test compatibility with the change and ensure a seamless experience.
Key Milestones to Expect • Wednesday, October 4 o Links delivered by export feeds will all be changed to HTTPS (if they are not already HTTPS). o XML and JSON APIs will always provide links as HTTPS regardless of whether HTTP links are requested. • Tuesday, October 10 o All incoming HTTP requests will be redirected to HTTPS.
If you have any questions or concerns, please reach out to our support team at sdssupport@shijigroup.com .
Best regards, SDS Support Team
Posted Aug 09, 2023 - 12:07 UTC
This scheduled maintenance affects: Visuals Links.