dart-lang / pub-dev

The pub.dev website
https://pub.dev
BSD 3-Clause "New" or "Revised" License

Set HSTS headers #2206

Closed jonasfj closed 5 years ago

jonasfj commented 5 years ago

See: https://hstspreload.org/

Getting the domains preloaded is less important for now, we'll get there with the next domain for free.

Note: we should start with something like 1 hour, and later increase to a year. A decent header might be:

```
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
```

Note: we need to check that other properties on the dartlang.org are HTTPS, otherwise, this will break them.

isoos commented 5 years ago

> Note: we need to check that other properties on the dartlang.org are HTTPS, otherwise, this will break them.

Is there a simple way to test that?

jonasfj commented 5 years ago

CC, @mit-mit, @kevmoo, do any of you guys know about non-HTTPS properties? Do we have any under dartlang.org?

I haven't seen any, but it's also possible I'm not aware of all web properties :)

kevmoo commented 5 years ago

Everything should be HTTPS. Can't think of one that we haven't migrated.

CC @kwalrath

kwalrath commented 5 years ago

Everything's HTTPS, afaik.