Public Key Pinning
- OTHERDeclare that a website's HTTPS certificate should only be treated as valid if the public key is contained in a specified list to prevent MITM attacks that use valid CA-issued certificates.
IE
- 5.5 - 10: Not supported
- 11: Not supported
Edge
- 12 - 86: Not supported
- 87: Not supported
Firefox
- 2 - 34: Not supported
- 35 - 71: Supported
- 72 - 83: Not supported
- 84: Not supported
- 85 - 86: Not supported
Chrome
- 4 - 37: Not supported
- 38 - 71: Supported
- 72 - 86: Not supported
- 87: Not supported
- 88 - 90: Not supported
Safari
- 3.1 - 13.1: Not supported
- 14: Not supported
- TP: Not supported
Opera
- 9 - 19: Not supported
- 20 - 22: Support unknown
- 23: Partial support
- 24: Support unknown
- 25 - 65: Supported
- 66 - 71: Not supported
- 72: Not supported
iOS Safari
- 3.2 - 13.7: Not supported
- 14: Not supported
Opera Mini
- all: Not supported
Android Browser
- 2.1 - 4.4.4: Not supported
- 81: Not supported
Opera Mobile
- 10 - 12.1: Not supported
- 59: Not supported
Chrome for Android
- 87: Not supported
Firefox for Android
- 83: Not supported
UC Browser for Android
- 12.12: Supported
Samsung Internet
- 4 - 10.1: Supported
- 11.1 - 12.0: Not supported
- 13.0: Not supported
QQ Browser
- 10.4: Supported
Baidu Browser
- 7.12: Supported
KaiOS Browser
- 2.5: Supported
All browsers have removed support. The header was too complicated to use, and when incorrectly implemented, could completely block websites for longer periods of time.
Certificate transparency is widely used and tries to provide the same security by very different means.