Ensure secure connection over time and avoid man-in-the-middle attacks by hijacking elfsight scripts. https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html

Currently, the scripts support strict-transport-security headers with a set max-age=0. Using it with this configuration is seen as NOT secure (comparable with not having the header at all) and can be categorized as abuse to track users via HSTS(since it would not be needed to have the header at all when having max-age=0 this thought is pretty straight forward).