https: make hsts and alt-svc sub-pages under HTTPS

Closes #483

SUMMARY.md

@@ -151,7 +151,6 @@
     * [HTTP/2](http/versions/http2.md)
     * [HTTP/3](http/versions/http3.md)
   * [Conditionals](http/conditionals.md)
-  * [HTTPS](http/https.md)
   * [HTTP POST](http/post/README.md)
     * [Simple POST](http/post/simple.md)
     * [Content-Type](http/post/content-type.md)
@@ -177,8 +176,9 @@
   * [HTTP PUT](http/put.md)
   * [Cookies](http/cookies/README.md)
     * [Cookie file format](http/cookies/fileformat.md)
-  * [Alternative Services](http/altsvc.md)
-  * [HSTS](http/hsts.md)
+  * [HTTPS](http/https.md)
+    * [HSTS](http/https/hsts.md)
+    * [Alternative Services](http/https/altsvc.md)
   * [Scripting browser-like tasks](http/browserlike.md)
 * [Command line FTP](ftp/README.md)
   * [FTP Directory listing](ftp/dirlist.md)

http/README.md

@@ -15,12 +15,12 @@ the specific HTTPS section.
   * [Ranges](ranges.md)
   * [HTTP versions](versions/)
   * [Conditionals](conditionals.md)
-  * [HTTPS](https.md)
   * [HTTP POST](post/)
   * [Redirects](redirects.md)
   * [Modify the HTTP request](modify/)
   * [HTTP PUT](put.md)
   * [Cookies](cookies/)
-  * [Alternative Services](altsvc.md)
-  * [HSTS](hsts.md)
+  * [HTTPS](https.md)
+    * [HSTS](https/hsts.md)
+    * [Alternative Services](https/altsvc.md)
   * [Scripting browser-like tasks](browserlike.md)

http/https.md

@@ -7,4 +7,5 @@ integrity by the use of TLS.
 See the [Using TLS](../usingcurl/tls.md) section for in-depth details on how
 to modify and tweak the TLS details in an HTTPS transfer.
 
+* [HSTS](https/hsts.md)
 

http/hsts.md → http/https/hsts.md

@@ -1,17 +1,19 @@
 # HSTS
 
+*Automatic use of HTTPS*.
+
 HTTP Strict Transport Security, HSTS, is a protocol mechanism that helps to
 protect HTTPS servers against man-in-the-middle attacks such as protocol
 downgrade attacks and cookie hijacking. It allows an HTTPS server to declare
-that clients should automatically interact with this hostname using only
-HTTPS connections going forward - and explicitly not use clear text protocols
-with it.
+that clients should automatically interact with this hostname using only HTTPS
+connections going forward - and explicitly not use clear text protocols with
+it.
 
 ## HSTS cache
 
 The HSTS status for a certain server name is set in a response header and has
-an expire time. The status for every HSTS hostname needs to be saved
-in a file for curl to pick it up and to update the status and expire time.
+an expire time. The status for every HSTS hostname needs to be saved in a file
+for curl to pick it up and to update the status and expire time.
 
 Invoke curl and tell it which file to use as a hsts cache:
 

http/versions/http3.md

@@ -38,8 +38,8 @@ can take advantage of this feature when
 
 ## Alt-svc:
 
-The [alt-svc](../altsvc.md) method of changing to HTTP/3 is the official way to
-bootstrap into HTTP/3 for a server.
+The [alt-svc](../https/altsvc.md) method of changing to HTTP/3 is the official
+way to bootstrap into HTTP/3 for a server.
 
 Note that you need that feature built-in and that it does not switch to HTTP/3
 for the *current* request unless the alt-svc cache is already populated, but