HSTS (HTTP Strict-Transport-Security) Notes

HSTS is short for HTTP Strict-Transport-Security and is a browser feature. It tells the browser that certain sites may only be accessed over HTTPS, never over plain http.

The danger of relying on a 301: if every request is upgraded by a 301 redirect, an attacker still has a window at the moment of the redirect to intercept information or forge certain pages.

It is configured through the Strict-Transport-Security entry in the response header returned by the server.
Syntax: Strict-Transport-Security: max-age=<expire-time>; includeSubDomains; preload

When the user is currently visiting an HTTPS site with a valid certificate, and the response header contains the Strict-Transport-Security header, the browser learns that this site must be accessed over https until a certain point in time; if the user enters an http URL, it is automatically converted to https. While the rule has not yet expired, any later response that carries the header refreshes the expiry time. Once it expires, the rule lapses automatically.

If the user is currently visiting the site over http, and the site has not previously used HSTS, the browser ignores this header, because without https the session could be intercepted and tampered with.

Once a site uses HSTS, the user agent keeps using https until the expiry date.

See: Strict-Transport-Security wiki
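As an added illustration (not part of the original notes), the Python below models the browser behaviour described above: it parses the header, trusts it only on a valid HTTPS response, refreshes the expiry on later responses, rewrites http URLs to https for the host (and, with includeSubDomains, its subdomains), and lets the rule lapse once max-age has passed. The HstsCache class and its method names are my own.

```python
import re

def parse_hsts(header):
    """Parse a Strict-Transport-Security value into (max_age_seconds, include_subdomains);
    None means malformed (no numeric max-age), which a browser must ignore."""
    max_age, include_sub = None, False
    for directive in header.split(";"):
        name, _, value = directive.strip().partition("=")
        name = name.strip().lower()
        if name == "max-age":
            value = value.strip().strip('"')
            if not value.isdigit():
                return None
            max_age = int(value)
        elif name == "includesubdomains":
            include_sub = True
    return None if max_age is None else (max_age, include_sub)

class HstsCache:
    def __init__(self):
        self.entries = {}  # host -> (absolute expiry in epoch seconds, include_subdomains)

    def observe_response(self, host, scheme, cert_valid, header, now):
        # Only a response fetched over HTTPS with a valid certificate is trusted; the same
        # header seen over plain http is ignored, since that session could be tampered with.
        if scheme != "https" or not cert_valid or header is None:
            return False
        parsed = parse_hsts(header)
        if parsed is None:
            return False
        max_age, include_sub = parsed
        self.entries[host] = (now + max_age, include_sub)  # new rule, or refreshed expiry
        return True

    def rewrite(self, url, now):
        # Return the URL the browser would really fetch: http is upgraded to https for a
        # known host (or a subdomain of a host that set includeSubDomains) until expiry.
        m = re.match(r"^http://([^/:?#]+)(.*)$", url)
        if not m:
            return url  # already https, or not an http URL at all
        host, rest = m.group(1), m.group(2)
        labels = host.split(".")
        for i in range(len(labels)):
            candidate = ".".join(labels[i:])
            entry = self.entries.get(candidate)
            if entry is None or entry[0] <= now:
                continue  # unknown host, or the rule lapsed: plain http is allowed again
            if i == 0 or entry[1]:
                return "https://" + host + rest
        return url
```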

JVM HPROF Notes

HPROF is a tool in DLL form used for JVM heap and CPU profiling, and it ships with every JDK. It writes profiling information either to a file or to a socket, in binary or ASCII format. This profiling output can then be consumed by other tools.

HPROF is a tool for heap and CPU profiling shipped with every JDK release. It is a dynamic-link library (DLL) that interfaces with the Java Virtual Machine (JVM) using the Java Virtual Machine Tool Interface (JVM TI). The tool writes profiling information either to a file or to a socket in ASCII or binary format. This information can be further processed by a profiler front end tool.

The HPROF tool is capable of presenting CPU usage, heap allocation statistics, and monitor contention profiles. In addition, it can report complete heap dumps and states of all the monitors and threads in the JVM. In terms of diagnosing problems, HPROF is useful when analyzing performance, lock contention, memory leaks, and other issues.

Source code is in the $JAVA_HOME/demo/jvmti/hprof directory.
Common commands:

  1. java -agentlib:hprof=help
  2. java -agentlib:hprof ToBeProfiledClass
  3. java -agentlib:hprof=heap=sites ToBeProfiledClass
  4. java -agentlib:hprof=cpu=samples,interval=20,depth=3 classname
  5. java -agentlib:hprof=heap=sites classname

Option Name and Value   Description                     Default
---------------------   -----------                     -------
heap=dump|sites|all     heap profiling                  all
cpu=samples|times|old   CPU usage                       off
monitor=y|n             monitor contention              n
format=a|b              text(txt) or binary output      a
file=<file>             write data to file              java.hprof[{.txt}]
net=<host>:<port>       send data over a socket         off
depth=<size>            stack trace depth               4
interval=<ms>           sample interval in ms           10
cutoff=<value>          output cutoff point             0.0001
lineno=y|n              line number in traces?          y
thread=y|n              thread in traces?               n
doe=y|n                 dump on exit?                   y
msa=y|n                 Solaris micro state accounting  n
force=y|n               force output to <file>          y
verbose=y|n             print messages about dumps      y

JVM Troubleshooting Study Notes

Java Platform, Standard Edition Troubleshooting Guide

Command-line options that are prefixed with -XX are specific to the Java HotSpot VM. For more information about command-line options used by the Java HotSpot VM, see Java HotSpot VM Command-Line Options.
jcmd is a new JDK diagnostic utility introduced in JDK 8. It is suggested to use the latest diagnostic utility, jcmd, instead of the earlier jstack, jinfo, and jmap utilities.

Java SE Monitoring and Management Guide
Monitoring and Management for the Java Platform

JVM - jstat

Monitors Java Virtual Machine (JVM) statistics. This command is experimental and unsupported.

jstat [ generalOption | outputOptions vmid [ interval[s|ms] [ count ] ]
//vmid: protocol:lvmid[@hostname[:port]/servername]

refer: https://docs.oracle.com/javase/8/docs/technotes/tools/windows/jstat.html

$_ jstat -help
$_ jstat -options
-class
-compiler
-gc
-gccapacity
-gccause
-gcnew
-gcnewcapacity
-gcold
-gcoldcapacity
-gcpermcapacity
-gcutil
-printcompilation
$_ ./jstat -printcompilation  -t 18128 1s
$_ ./jstat -printcompilation  -t 18128 1s 2
$_ ./jstat -gc -t 18128 1s 2

Timestamp   S0C      S1C      S0U      S1U   EC        EU        OC        OU         PC      PU      YGC   YGCT     FGC  FGCT     GCT
   3346.4   571392.0 607744.0 340114.4 384.0 1505280.0 1505280.0 5460992.0 1679695.0  66560.0 61799.4 2463  493.065  59   220.141  713.206
   3347.4   585216.0 607744.0      0.0 384.0 1505280.0  302819.9 5460992.0 1933919.0  66560.0 61799.4 2463  493.496  59   220.141  713.637
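The two samples above are easier to reason about once parsed. The Python below is an added example (not part of the original notes or of the JDK tools): it reads `jstat -gc -t` output, skips repeated header lines and truncated rows, and derives the figures worth watching in a troubleshooting session: occupied heap, old-generation utilization, and the fraction of each interval spent in GC. Function names are my own; the embedded sample is the output quoted above with its header re-joined.

```python
# Sample is the `jstat -gc -t 18128 1s 2` output quoted in the notes above (header re-joined).
JSTAT_SAMPLE = """\
Timestamp S0C S1C S0U S1U EC EU OC OU PC PU YGC YGCT FGC FGCT GCT
3346.4 571392.0 607744.0 340114.4 384.0 1505280.0 1505280.0 5460992.0 1679695.0 66560.0 61799.4 2463 493.065 59 220.141 713.206
3347.4 585216.0 607744.0 0.0 384.0 1505280.0 302819.9 5460992.0 1933919.0 66560.0 61799.4 2463 493.496 59 220.141 713.637
"""

def parse_jstat(text):
    """Turn jstat output into a list of {column: float} rows. jstat repeats the header
    periodically and a piped last line may be truncated, so any line that does not yield
    exactly one number per header column is skipped."""
    lines = [ln for ln in text.splitlines() if ln.strip()]
    header = lines[0].split()
    rows = []
    for ln in lines[1:]:
        fields = ln.split()
        if len(fields) != len(header):
            continue
        try:
            rows.append(dict(zip(header, map(float, fields))))
        except ValueError:
            continue  # repeated header line, or garbage
    return rows

def heap_used_kb(row):
    """Occupied KB across both survivor spaces, eden and the old generation."""
    return row["S0U"] + row["S1U"] + row["EU"] + row["OU"]

def old_gen_utilization(row):
    """Fraction of the old generation in use; creeping towards 1.0 across samples is the
    usual first sign of a leak."""
    return row["OU"] / row["OC"] if row["OC"] else 0.0

def gc_overhead(rows):
    """Per interval, fraction of wall-clock time spent collecting: delta GCT over delta
    Timestamp (both in seconds). Near 1.0 means the JVM does little but GC."""
    out = []
    for prev, cur in zip(rows, rows[1:]):
        elapsed = cur["Timestamp"] - prev["Timestamp"]
        if elapsed > 0:
            out.append((cur["GCT"] - prev["GCT"]) / elapsed)
    return out

def full_gc_happened(rows):
    """True if the FGC counter advanced anywhere in the sample run."""
    return any(cur["FGC"] > prev["FGC"] for prev, cur in zip(rows, rows[1:]))
```

On the quoted samples, roughly 43% of the one-second interval went to GC even though the full-GC counter did not move.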

JVM - jcmd

The jcmd utility is used to send diagnostic command requests to the JVM; these requests are useful for controlling Java Flight Recordings and for troubleshooting and diagnosing the JVM and Java applications. It must be run on the same machine where the JVM is running, with the same effective user and group identifiers that were used to launch the JVM.
Sample:
jcmd
jcmd PerfCounter.print
jcmd 2125 help            (2125 is the pid)
jcmd 2125 GC.heap_dump filename=Myheapdump
jcmd 2125 VM.uptime
jcmd VM.system_properties
jcmd VM.flags
jcmd MyProgram help Thread.print
jcmd Thread.print
jcmd [options]
jcmd 7060 JFR.start name=MyRecording settings=profile delay=20s duration=2m filename=C:\TEMP\myrecording.jfr
jcmd 7060 JFR.check
jcmd 7060 JFR.stop
More:

jcmd man page: https://docs.oracle.com/javase/8/docs/technotes/tools/windows/jcmd.html
Useful Commands for jcmd Utility: https://docs.oracle.com/javase/8/docs/technotes/guides/troubleshoot/tooldescr006.html#BABEJDGE 
Troubleshoot with jcmd Utility: https://docs.oracle.com/javase/8/docs/technotes/guides/troubleshoot/tooldescr006.html#BABFFIFA