-
The user agent for hstspreload requests is generic
`user-agent: Go-http-client/2.0`
Can this be set to something specific to identify the bot? This would enable server admins to whitelist the bot …
-
choosealicense.org has HSTS due to #483.
It would be great to go all the way and preload HSTS: https://hstspreload.org/?domain=choosealicense.org
Steps would be:
- [x] Serve an HSTS header wi…
-
https://hstspreload.org notes that the minimum value for HSTS age headers should be 18 weeks, whereas Observatory goes with half a year. It would be worth changing Observatory to match the 18 week req…
-
After Slackware -current Fri Nov 22 22:08:18 UTC 2024 updated python3-3.12.7, nvchecker don't run anymore:
```console
$> nvchecker --version
Traceback (most recent call last):
File "/usr/bin/n…
-
https://dnssec-debugger.verisignlabs.com/hstspreload.org
https://cloudplatform.googleblog.com/2017/11/DNSSEC-now-available-in-Cloud-DNS.html
-
HSTS should be preloaded https://hstspreload.org/?domain=isbgpsafeyet.com
-
So, I implemented HSTS and got approved on hstspreload.org, but I can't seem to get my last +5 for 135/135 score.
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload
At fir…
-
Would be awesome if we could add an API check to see if a site is in preloaded in browsers.
API is available here: https://hstspreload.org
An example call would be: https://hstspreload.org/api/v2/…
-
The HSTS header from caniuse.com mentions "preload". However, caniuse.com is not actually HSTS preloaded, at least not in Google Chrome. Please submit caniuse.com for HSTS preloading.
https://hstsp…
-
This is submitted here https://hstspreload.appspot.com/
At the moment (with 3.4) we get this
![image](https://cloud.githubusercontent.com/assets/656739/3879837/e4138d24-217c-11e4-8942-89d46e852cda.p…