We recently added our domains to the "HTTP Strict Transport Security" preload list, and I had no idea this was even a thing. I assumed that the best we could do was to enforce HTTPS at the CDN/network level.
Anyone can add their own site or domain to this list, which enforces HTTPS at the browser level (for supporting browsers).
1 comment
[ 7.1 ms ] story [ 140 ms ] threadAnyone can add their own site or domain to this list, which enforces HTTPS at the browser level (for supporting browsers).