Chromium Code Reviews Chromium Code Reviews
Issue
2449713002:
HSTS preload list removals for Chrome 56. (Closed)
DescriptionHSTS preload list removals for Chrome 56.
ispire.me:
> • go.ispire.me - reason: Using http redirects somethimes.
> • goto.ispire.me - reason: Using http redirects somethimes.
> • cdn.ispire.me - reason: Using http redirects somethimes.
ebfe.pw:
> i work in pentest space and sometimes i need certain stuffs to be hosted in
> non-https. 😉
eopugetsound.org:
> • dev.eopugetsound.org – we do not have a cert (nor can we get one) for this
> subdomain.
rocketmill.co.uk:
> • uptime.rocketmill.co.uk – points to a 3rd party server hosting an
> application. We don’t have control over the server and it doesn’t support
> HTTPS currently.
gig.ru:
> • all subdomains — https was left only for primary domain name
self-injury.net:
> The website was shut down and the main domain transferred to tumblr.com DNS
> which does not support SSL.
spritchard.photos:
> Migration to Nginx for new backend service expansion. Preload was previously
> required as there was no expectation of such expansion. The flag has been
> removed and max-age has now been set to 0. SSL & HTTP/2 will remain enabled
> where possible but preloading will not be required.
motoryz.nl:
> Due to a wrong default configuration the sites has been serving a HSTS header
> without actual intend.
klimat-pro.pl:
> • oddymianie.klimat-pro.pl - we do not have wildcard certificate for klimat-
> pro.pl, and our management is not willing to pay for such certificate, we
> still need to serve this page as it is page for our new product range.
sslhosting.cz:
> • www - it has been a project of mine, but I did not succeed
liverpoolmutualhomes.org:
> • “email.liverpoolmutualhomes.org” – this uses the CreateSend personalised URL
> service that can only be used over plain HTTP. To our knowledge, no request
> was ever submitted to include the “liverpoolmutualhomes.org” domain in the
> preload list other than a previous developer adding the
> “www.liverpoolmutualhomes.org” with the “preload” by mistake and this was
> removed about April 2016 – this referenced the www.liverpoolmutualhomes.org,
> yet “liverpoolmutualhomes.org” has been registered.
thijsalders.nl:
> I never intended to be pre-loaded in the HSTS list. On an old web server some
> time ago, I was experimenting with SSL, and I accidentally enabled HSTS, not
> knowing what it was. I’ve disabled it already, but somehow my domain got
> included in the pre-load list, and now I can’t run small test stuff without
> SSL anymore.
josip.at:
> I want to sell this domain asap.
guscaplan.me:
> guscaplan.me - moved to gus.host (pending HSTS)
> *.guscaplan.me - moved to *.gus.host (pending HSTS)
lavinya.net:
> because not working my subdomains if hsts on.
froot.se:
> Wasn't meant to have preload directive from the start.
BUG=527947
TBR=palmer@chromium.org
Committed: https://chromium.googlesource.com/chromium/src/+/cc58a938580a8198d48e5949ba7dce5a54c0b4d8
Patch Set 1 #Patch Set 2 : HSTS preload list removals for Chrome 56. #Patch Set 3 : HSTS preload list removals for Chrome 56. #Patch Set 4 : HSTS preload list removals for Chrome 56. #Messages
Total messages: 6 (4 generated)
|
