Open lgarron opened 7 years ago
When I added the check I thought that having a permanent redirection is a preloading requirement. Looking at the web site right now, that doesn't seem to be the case. So my message will need to be toned down to promote permanent redirection as HSTS best policy only.
That said, I think there's some value in requiring permanent redirects for consistency with the RFC and as a small barrier to prevent preloading by mistake.
Or maybe an error?
@ivanr's Hardenize checks for this.