| Index: net/http/transport_security_state_static.json
|
| diff --git a/net/http/transport_security_state_static.json b/net/http/transport_security_state_static.json
|
| index 1106187da57881cee541fa5a4d64b6ac5c102910..f2ea764db5fe40adfd6f0e7b69621f3d706eae01 100644
|
| --- a/net/http/transport_security_state_static.json
|
| +++ b/net/http/transport_security_state_static.json
|
| @@ -178,6 +178,7 @@
|
| { "name": "script.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
|
| { "name": "history.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
|
| { "name": "security.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
|
| + { "name": "translate.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
|
|
|
| // Other Google-related domains that must use HTTPS.
|
| { "name": "market.android.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
|
| @@ -193,6 +194,7 @@
|
| { "name": "code.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
|
| { "name": "googlecode.com", "include_subdomains": true, "pins": "google" },
|
| { "name": "dl.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
|
| + { "name": "translate.googleapis.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
|
|
|
| // chart.apis.google.com is *not* HSTS because the certificate doesn't match
|
| // and there are lots of links out there that still use the name. The correct
|
|
|