I am new to bug bounties. I want to understand cyber security first before building mobile and web apps. I am looking for bugs and decided to intercept the http traffic and ended up seeing Upgrade-Insecure-Request. Can I exploit this?
Per Mozilla:
The HTTP Upgrade-Insecure-Requests request header sends a signal to the server expressing the client's preference for an encrypted and authenticated response, and that it can successfully handle the upgrade-insecure-requests CSP directive.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Upgrade-Insecure-Requests