Observing Microsoft’s reports, the Edge browser — and its previous version, Internet Explorer — supports HSTS (HTTP Strict Transport Security) beginning with IE 11 over Windows 7, 8.1 and 10. However, official technical documentation does not exist about how this system works in the browser, how the data is saved nor any other information. Likewise, there is no official documentation about how Firefox and Chrome implement it.
By Sheila Berta & Sergio De Los Santos
Full Abstract & Presentation Materials: https://www.blackhat.com/eu-17/briefings.html#breaking-out-hsts-and-hpkp-on-firefox-ie-edge-and-possibly-chrome