Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(345)

Unified Diff: net/http/transport_security_state_static.json

Issue 2901393005: Experiment with HSTS preload list filtering. (Closed)
Patch Set: play.google.com is required too. Created 3 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
Download patch
« no previous file with comments | « net/http/BUILD.gn ('k') | net/tools/transport_security_state_generator/input_file_parsers.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/http/transport_security_state_static.json
diff --git a/net/http/transport_security_state_static.json b/net/http/transport_security_state_static.json
index 5653729b4d3bbec3c2f91117a1566bec133cfb71..baf914b421a07b6ea33dc0ec06149978c70479c7 100644
--- a/net/http/transport_security_state_static.json
+++ b/net/http/transport_security_state_static.json
@@ -46,6 +46,12 @@
// URI to which expect_staple reports should be sent.
// include_subdomains_for_expect_staple: (optional boolean) whether subdomains
// of |name| are also covered for |expect_staple|.
+//
+// importance: (optional unsigned) The importance of the entry.
+// Use 2 for entries that should always be included (e.g. for tests), use
+// 1 for entries that may be filtered without breaking tests, and use 0
+// for entries that may be filtered to reduce binary size. When the value
+// is not specified, 0 is assumed by the generator.
{
"pinsets": [
@@ -247,38 +253,38 @@
"entries": [
// Dummy entries to test certificate pinning and expect-CT.
- { "name": "pinningtest.appspot.com", "include_subdomains": true, "pins": "test" },
- { "name": "pinning-test.badssl.com", "include_subdomains": true, "pins": "test" },
- { "name": "preloaded-expect-ct.badssl.com", "expect_ct": true, "expect_ct_report_uri": "https://clients3.google.com/ct_upload" },
- { "name": "preloaded-expect-staple.badssl.com", "expect_staple": true, "expect_staple_report_uri": "https://report.badssl.com/expect-staple" },
- { "name": "preloaded-expect-staple-include-subdomains.badssl.com", "expect_staple": true, "expect_staple_report_uri": "https://report.badssl.com/expect-staple", "include_subdomains_for_expect_staple": true },
+ { "name": "pinningtest.appspot.com", "include_subdomains": true, "pins": "test", "importance": 2 },
+ { "name": "pinning-test.badssl.com", "include_subdomains": true, "pins": "test", "importance": 2 },
+ { "name": "preloaded-expect-ct.badssl.com", "expect_ct": true, "expect_ct_report_uri": "https://clients3.google.com/ct_upload", "importance": 2 },
+ { "name": "preloaded-expect-staple.badssl.com", "expect_staple": true, "expect_staple_report_uri": "https://report.badssl.com/expect-staple", "importance": 2 },
+ { "name": "preloaded-expect-staple-include-subdomains.badssl.com", "expect_staple": true, "expect_staple_report_uri": "https://report.badssl.com/expect-staple", "include_subdomains_for_expect_staple": true, "importance": 2 },
// eTLDs
// At the moment, this only includes a Google-owned gTLD,
// but other gTLDs and eTLDs are welcome to preload if they are interested.
- { "name": "google", "include_subdomains": true, "mode": "force-https", "pins": "google" },
+ { "name": "google", "include_subdomains": true, "mode": "force-https", "pins": "google", "importance": 2 },
// Google domains using Expect-CT.
- { "name": "mail.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "expect_ct": true, "expect_ct_report_uri": "https://clients3.google.com/ct_upload" },
+ { "name": "mail.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "expect_ct": true, "expect_ct_report_uri": "https://clients3.google.com/ct_upload", "importance": 2 },
{ "name": "plus.sandbox.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "expect_ct": true, "expect_ct_report_uri": "https://clients3.google.com/ct_upload" },
// Now we force HTTPS for subtrees of google.com.
- { "name": "accounts.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
+ { "name": "accounts.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "importance": 2 },
{ "name": "admin.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
- { "name": "appengine.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
- { "name": "checkout.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
- { "name": "chrome.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
+ { "name": "appengine.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "importance": 2 },
+ { "name": "checkout.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "importance": 2 },
+ { "name": "chrome.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "importance": 2 },
{ "name": "cloud.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "contributor.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
- { "name": "docs.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
+ { "name": "docs.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "importance": 2 },
{ "name": "domains.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
- { "name": "encrypted.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
+ { "name": "encrypted.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "importance": 2 },
{ "name": "fi.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "glass.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "goto.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "hangouts.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "history.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
- { "name": "hostedtalkgadget.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
+ { "name": "hostedtalkgadget.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "importance": 2 },
{ "name": "inbox.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "login.corp.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "mail-settings.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
@@ -287,22 +293,22 @@
{ "name": "myactivity.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "passwords.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "pixel.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
- { "name": "play.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
- { "name": "plus.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
- { "name": "profiles.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
+ { "name": "play.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "importance": 2 },
+ { "name": "plus.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "importance": 2 },
+ { "name": "profiles.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "importance": 2 },
{ "name": "script.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "security.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
- { "name": "sites.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
- { "name": "spreadsheets.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
- { "name": "talkgadget.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
- { "name": "talk.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
- { "name": "wallet.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
+ { "name": "sites.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "importance": 2 },
+ { "name": "spreadsheets.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "importance": 2 },
+ { "name": "talkgadget.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "importance": 2 },
+ { "name": "talk.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "importance": 2 },
+ { "name": "wallet.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "importance": 2 },
{ "name": "payments.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "xn--7xa.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "dns.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
// Other Google-related domains that must use HTTPS.
- { "name": "apis.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
+ { "name": "apis.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "importance": 2 },
{ "name": "build.chromium.org", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "bugs.chromium.org", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "chrome.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
@@ -315,25 +321,25 @@
{ "name": "crosbug.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "crrev.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "dl.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
- { "name": "drive.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
+ { "name": "drive.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "importance": 2 },
{ "name": "firebaseio.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "g4w.co", "include_subdomains": true, "mode": "force-https", "pins": "google" },
- { "name": "gmail.com", "mode": "force-https", "pins": "google" },
+ { "name": "gmail.com", "mode": "force-https", "pins": "google", "importance": 2 },
{ "name": "goo.gl", "include_subdomains": true, "mode": "force-https", "pins": "google" },
- { "name": "googlecode.com", "include_subdomains": true, "pins": "google" },
- { "name": "googlemail.com", "mode": "force-https", "pins": "google" },
- { "name": "googleplex.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
+ { "name": "googlecode.com", "include_subdomains": true, "pins": "google", "importance": 2 },
+ { "name": "googlemail.com", "mode": "force-https", "pins": "google", "importance": 2 },
+ { "name": "googleplex.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "importance": 2 },
{ "name": "googlesource.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
- { "name": "groups.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
+ { "name": "groups.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "importance": 2 },
{ "name": "gvt2.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "gvt3.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
- { "name": "market.android.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
+ { "name": "market.android.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "importance": 2 },
{ "name": "translate.googleapis.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "withgoogle.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "withyoutube.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
- { "name": "www.gmail.com", "mode": "force-https", "pins": "google" },
- { "name": "www.googlemail.com", "mode": "force-https", "pins": "google" },
- { "name": "google-analytics.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
+ { "name": "www.gmail.com", "mode": "force-https", "pins": "google", "importance": 2 },
+ { "name": "www.googlemail.com", "mode": "force-https", "pins": "google", "importance": 2 },
+ { "name": "google-analytics.com", "include_subdomains": true, "mode": "force-https", "pins": "google", "importance": 2 },
{ "name": "stats.g.doubleclick.net", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "chromiumbugs.appspot.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
@@ -356,26 +362,26 @@
// chart.apis.google.com is *not* HSTS because the certificate doesn't match
// and there are lots of links out there that still use the name. The correct
// hostname for this is chart.googleapis.com.
- { "name": "chart.apis.google.com", "include_subdomains": true, "pins": "google" },
+ { "name": "chart.apis.google.com", "include_subdomains": true, "pins": "google", "importance": 2 },
// Other Google-related domains that must use an acceptable certificate
// iff using SSL.
{ "name": "2mdn.net", "include_subdomains": true, "pins": "google" },
{ "name": "android.com", "include_subdomains": true, "pins": "google" },
- { "name": "appspot.com", "include_subdomains": true, "pins": "google" },
+ { "name": "appspot.com", "include_subdomains": true, "pins": "google", "importance": 2 },
{ "name": "blogger.com", "include_subdomains": true, "pins": "google" },
{ "name": "blogspot.com", "include_subdomains": true, "pins": "google" },
- { "name": "doubleclick.net", "include_subdomains": true, "pins": "google" },
+ { "name": "doubleclick.net", "include_subdomains": true, "pins": "google", "importance": 2 },
{ "name": "g.co", "include_subdomains": true, "pins": "google" },
{ "name": "ggpht.com", "include_subdomains": true, "pins": "google" },
{ "name": "google.ac", "include_subdomains": true, "pins": "google" },
{ "name": "google.ad", "include_subdomains": true, "pins": "google" },
- { "name": "googleadservices.com", "include_subdomains": true, "pins": "google" },
+ { "name": "googleadservices.com", "include_subdomains": true, "pins": "google", "importance": 2 },
{ "name": "google.ae", "include_subdomains": true, "pins": "google" },
{ "name": "google.af", "include_subdomains": true, "pins": "google" },
{ "name": "google.ag", "include_subdomains": true, "pins": "google" },
{ "name": "google.am", "include_subdomains": true, "pins": "google" },
- { "name": "googleapis.com", "include_subdomains": true, "pins": "google" },
+ { "name": "googleapis.com", "include_subdomains": true, "pins": "google", "importance": 2 },
{ "name": "google.as", "include_subdomains": true, "pins": "google" },
{ "name": "google.at", "include_subdomains": true, "pins": "google" },
{ "name": "google.az", "include_subdomains": true, "pins": "google" },
@@ -440,7 +446,7 @@
{ "name": "google.com.gr", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.gt", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.hk", "include_subdomains": true, "pins": "google" },
- { "name": "google.com", "include_subdomains": true, "pins": "google" },
+ { "name": "google.com", "include_subdomains": true, "pins": "google", "importance": 2 },
{ "name": "google.com.iq", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.jm", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.jo", "include_subdomains": true, "pins": "google" },
@@ -513,7 +519,7 @@
{ "name": "google.gm", "include_subdomains": true, "pins": "google" },
{ "name": "google.gp", "include_subdomains": true, "pins": "google" },
{ "name": "google.gr", "include_subdomains": true, "pins": "google" },
- { "name": "googlegroups.com", "include_subdomains": true, "pins": "google", "expect_ct": true, "expect_ct_report_uri": "https://clients3.google.com/ct_upload" },
+ { "name": "googlegroups.com", "include_subdomains": true, "pins": "google", "expect_ct": true, "expect_ct_report_uri": "https://clients3.google.com/ct_upload", "importance": 2 },
{ "name": "google.gy", "include_subdomains": true, "pins": "google" },
{ "name": "google.hk", "include_subdomains": true, "pins": "google" },
{ "name": "google.hn", "include_subdomains": true, "pins": "google" },
@@ -576,7 +582,7 @@
{ "name": "google.sn", "include_subdomains": true, "pins": "google" },
{ "name": "google.so", "include_subdomains": true, "pins": "google" },
{ "name": "google.st", "include_subdomains": true, "pins": "google" },
- { "name": "googlesyndication.com", "include_subdomains": true, "pins": "google" },
+ { "name": "googlesyndication.com", "include_subdomains": true, "pins": "google", "importance": 2 },
{ "name": "googletagmanager.com", "include_subdomains": true, "pins": "google" },
{ "name": "googletagservices.com", "include_subdomains": true, "pins": "google" },
{ "name": "google.td", "include_subdomains": true, "pins": "google" },
@@ -587,7 +593,7 @@
{ "name": "google.tn", "include_subdomains": true, "pins": "google" },
{ "name": "google.to", "include_subdomains": true, "pins": "google" },
{ "name": "google.tt", "include_subdomains": true, "pins": "google" },
- { "name": "googleusercontent.com", "include_subdomains": true, "pins": "google" },
+ { "name": "googleusercontent.com", "include_subdomains": true, "pins": "google", "importance": 2 },
{ "name": "google.us", "include_subdomains": true, "pins": "google" },
{ "name": "google.uz", "include_subdomains": true, "pins": "google" },
{ "name": "google.vg", "include_subdomains": true, "pins": "google" },
@@ -595,94 +601,94 @@
{ "name": "google.vu", "include_subdomains": true, "pins": "google" },
{ "name": "googleweblight.com", "include_subdomains": true, "pins": "google" },
{ "name": "google.ws", "include_subdomains": true, "pins": "google" },
- { "name": "gstatic.com", "include_subdomains": true, "pins": "google" },
+ { "name": "gstatic.com", "include_subdomains": true, "pins": "google", "importance": 2 },
{ "name": "static.googleadsserving.cn", "include_subdomains": true, "pins": "google" },
{ "name": "urchin.com", "include_subdomains": true, "pins": "google" },
{ "name": "www.googlegroups.com", "include_subdomains": true, "pins": "google", "expect_ct": true, "expect_ct_report_uri": "https://clients3.google.com/ct_upload" },
- { "name": "youtube.com", "include_subdomains": true, "pins": "google" },
+ { "name": "youtube.com", "include_subdomains": true, "pins": "google", "importance": 2 },
{ "name": "youtu.be", "include_subdomains": true, "pins": "google" },
{ "name": "youtube-nocookie.com", "include_subdomains": true, "pins": "google" },
- { "name": "ytimg.com", "include_subdomains": true, "pins": "google" },
+ { "name": "ytimg.com", "include_subdomains": true, "pins": "google", "importance": 2 },
// Exclude the learn.doubleclick.net subdomain because it uses a different
// CA.
- { "name": "learn.doubleclick.net", "include_subdomains": true },
+ { "name": "learn.doubleclick.net", "include_subdomains": true, "importance": 2 },
// Force HTTPS for sites that have requested it.
- { "name": "www.paypal.com", "mode": "force-https" },
- { "name": "paypal.com", "mode": "force-https" },
- { "name": "www.elanex.biz", "mode": "force-https" },
+ { "name": "www.paypal.com", "mode": "force-https", "importance": 2 },
+ { "name": "paypal.com", "mode": "force-https", "importance": 2 },
+ { "name": "www.elanex.biz", "mode": "force-https", "importance": 2 },
{ "name": "jottit.com", "include_subdomains": true, "mode": "force-https" },
- { "name": "sunshinepress.org", "include_subdomains": true, "mode": "force-https" },
- { "name": "www.noisebridge.net", "mode": "force-https" },
- { "name": "neg9.org", "mode": "force-https" },
- { "name": "riseup.net", "include_subdomains": true, "mode": "force-https" },
- { "name": "factor.cc", "mode": "force-https" },
- { "name": "members.mayfirst.org", "include_subdomains": true, "mode": "force-https" },
- { "name": "support.mayfirst.org", "include_subdomains": true, "mode": "force-https" },
- { "name": "id.mayfirst.org", "include_subdomains": true, "mode": "force-https" },
- { "name": "lists.mayfirst.org", "include_subdomains": true, "mode": "force-https" },
+ { "name": "sunshinepress.org", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "www.noisebridge.net", "mode": "force-https", "importance": 2 },
+ { "name": "neg9.org", "mode": "force-https", "importance": 2 },
+ { "name": "riseup.net", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "factor.cc", "mode": "force-https", "importance": 2 },
+ { "name": "members.mayfirst.org", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "support.mayfirst.org", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "id.mayfirst.org", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "lists.mayfirst.org", "include_subdomains": true, "mode": "force-https", "importance": 2 },
{ "name": "webmail.mayfirst.org", "include_subdomains": true, "mode": "force-https" },
{ "name": "roundcube.mayfirst.org", "include_subdomains": true, "mode": "force-https" },
- { "name": "aladdinschools.appspot.com", "mode": "force-https" },
- { "name": "ottospora.nl", "include_subdomains": true, "mode": "force-https" },
- { "name": "www.paycheckrecords.com", "mode": "force-https" },
- { "name": "lastpass.com", "mode": "force-https" },
- { "name": "www.lastpass.com", "mode": "force-https" },
- { "name": "keyerror.com", "include_subdomains": true, "mode": "force-https" },
- { "name": "entropia.de", "mode": "force-https" },
- { "name": "www.entropia.de", "mode": "force-https" },
- { "name": "romab.com", "include_subdomains": true, "mode": "force-https" },
- { "name": "logentries.com", "mode": "force-https" },
- { "name": "www.logentries.com", "mode": "force-https" },
- { "name": "stripe.com", "include_subdomains": true, "mode": "force-https" },
- { "name": "cloudsecurityalliance.org", "include_subdomains": true, "mode": "force-https" },
- { "name": "login.sapo.pt", "include_subdomains": true, "mode": "force-https" },
- { "name": "mattmccutchen.net", "include_subdomains": true, "mode": "force-https" },
- { "name": "betnet.fr", "include_subdomains": true, "mode": "force-https" },
- { "name": "uprotect.it", "include_subdomains": true, "mode": "force-https" },
- { "name": "squareup.com", "mode": "force-https" },
+ { "name": "aladdinschools.appspot.com", "mode": "force-https", "importance": 2 },
+ { "name": "ottospora.nl", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "www.paycheckrecords.com", "mode": "force-https", "importance": 2 },
+ { "name": "lastpass.com", "mode": "force-https", "importance": 2 },
+ { "name": "www.lastpass.com", "mode": "force-https", "importance": 2 },
+ { "name": "keyerror.com", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "entropia.de", "mode": "force-https", "importance": 2 },
+ { "name": "www.entropia.de", "mode": "force-https", "importance": 2 },
+ { "name": "romab.com", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "logentries.com", "mode": "force-https", "importance": 2 },
+ { "name": "www.logentries.com", "mode": "force-https", "importance": 2 },
+ { "name": "stripe.com", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "cloudsecurityalliance.org", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "login.sapo.pt", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "mattmccutchen.net", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "betnet.fr", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "uprotect.it", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "squareup.com", "mode": "force-https", "importance": 2 },
{ "name": "square.com", "include_subdomains": true, "mode": "force-https" },
- { "name": "cert.se", "include_subdomains": true, "mode": "force-https" },
- { "name": "simon.butcher.name", "include_subdomains": true, "mode": "force-https" },
- { "name": "linx.net", "include_subdomains": true, "mode": "force-https" },
- { "name": "dropcam.com", "mode": "force-https" },
- { "name": "www.dropcam.com", "mode": "force-https" },
- { "name": "ebanking.indovinabank.com.vn", "include_subdomains": true, "mode": "force-https" },
- { "name": "epoxate.com", "mode": "force-https" },
- { "name": "torproject.org", "mode": "force-https", "pins": "tor" },
- { "name": "blog.torproject.org", "include_subdomains": true, "mode": "force-https", "pins": "tor" },
- { "name": "check.torproject.org", "include_subdomains": true, "mode": "force-https", "pins": "tor" },
- { "name": "www.torproject.org", "include_subdomains": true, "mode": "force-https", "pins": "tor" },
+ { "name": "cert.se", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "simon.butcher.name", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "linx.net", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "dropcam.com", "mode": "force-https", "importance": 2 },
+ { "name": "www.dropcam.com", "mode": "force-https", "importance": 2 },
+ { "name": "ebanking.indovinabank.com.vn", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "epoxate.com", "mode": "force-https", "importance": 2 },
+ { "name": "torproject.org", "mode": "force-https", "pins": "tor", "importance": 2 },
+ { "name": "blog.torproject.org", "include_subdomains": true, "mode": "force-https", "pins": "tor", "importance": 2 },
+ { "name": "check.torproject.org", "include_subdomains": true, "mode": "force-https", "pins": "tor", "importance": 2 },
+ { "name": "www.torproject.org", "include_subdomains": true, "mode": "force-https", "pins": "tor", "importance": 2 },
{ "name": "dist.torproject.org", "include_subdomains": true, "mode": "force-https", "pins": "tor" },
- { "name": "www.moneybookers.com", "include_subdomains": true, "mode": "force-https" },
- { "name": "ledgerscope.net", "mode": "force-https" },
- { "name": "www.ledgerscope.net", "mode": "force-https" },
- { "name": "app.recurly.com", "include_subdomains": true, "mode": "force-https" },
- { "name": "api.recurly.com", "include_subdomains": true, "mode": "force-https" },
- { "name": "greplin.com", "mode": "force-https" },
- { "name": "www.greplin.com", "mode": "force-https" },
- { "name": "luneta.nearbuysystems.com", "include_subdomains": true, "mode": "force-https" },
- { "name": "ubertt.org", "include_subdomains": true, "mode": "force-https" },
- { "name": "pixi.me", "include_subdomains": true, "mode": "force-https" },
- { "name": "grepular.com", "include_subdomains": true, "mode": "force-https" },
- { "name": "mydigipass.com", "mode": "force-https" },
- { "name": "www.mydigipass.com", "mode": "force-https" },
- { "name": "developer.mydigipass.com", "mode": "force-https" },
- { "name": "www.developer.mydigipass.com", "mode": "force-https" },
- { "name": "sandbox.mydigipass.com", "mode": "force-https" },
- { "name": "www.sandbox.mydigipass.com", "mode": "force-https" },
+ { "name": "www.moneybookers.com", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "ledgerscope.net", "mode": "force-https", "importance": 2 },
+ { "name": "www.ledgerscope.net", "mode": "force-https", "importance": 2 },
+ { "name": "app.recurly.com", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "api.recurly.com", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "greplin.com", "mode": "force-https", "importance": 2 },
+ { "name": "www.greplin.com", "mode": "force-https", "importance": 2 },
+ { "name": "luneta.nearbuysystems.com", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "ubertt.org", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "pixi.me", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "grepular.com", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "mydigipass.com", "mode": "force-https", "importance": 2 },
+ { "name": "www.mydigipass.com", "mode": "force-https", "importance": 2 },
+ { "name": "developer.mydigipass.com", "mode": "force-https", "importance": 2 },
+ { "name": "www.developer.mydigipass.com", "mode": "force-https", "importance": 2 },
+ { "name": "sandbox.mydigipass.com", "mode": "force-https", "importance": 2 },
+ { "name": "www.sandbox.mydigipass.com", "mode": "force-https", "importance": 2 },
{ "name": "crypto.cat", "mode": "force-https" },
- { "name": "bigshinylock.minazo.net", "include_subdomains": true, "mode": "force-https" },
- { "name": "crate.io", "include_subdomains": true, "mode": "force-https" },
- { "name": "twitter.com", "mode": "force-https", "pins": "twitterCom" },
- { "name": "www.twitter.com", "include_subdomains": true, "mode": "force-https", "pins": "twitterCom" },
- { "name": "api.twitter.com", "include_subdomains": true, "pins": "twitterCDN" },
- { "name": "oauth.twitter.com", "include_subdomains": true, "pins": "twitterCom" },
- { "name": "mobile.twitter.com", "include_subdomains": true, "pins": "twitterCom" },
- { "name": "dev.twitter.com", "include_subdomains": true, "pins": "twitterCom" },
- { "name": "business.twitter.com", "include_subdomains": true, "pins": "twitterCom" },
- { "name": "platform.twitter.com", "include_subdomains": true, "pins": "twitterCDN" },
- { "name": "twimg.com", "include_subdomains": true, "pins": "twitterCDN" },
+ { "name": "bigshinylock.minazo.net", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "crate.io", "include_subdomains": true, "mode": "force-https", "importance": 2 },
+ { "name": "twitter.com", "mode": "force-https", "pins": "twitterCom", "importance": 2 },
+ { "name": "www.twitter.com", "include_subdomains": true, "mode": "force-https", "pins": "twitterCom", "importance": 2 },
+ { "name": "api.twitter.com", "include_subdomains": true, "pins": "twitterCDN", "importance": 2 },
+ { "name": "oauth.twitter.com", "include_subdomains": true, "pins": "twitterCom", "importance": 2 },
+ { "name": "mobile.twitter.com", "include_subdomains": true, "pins": "twitterCom", "importance": 2 },
+ { "name": "dev.twitter.com", "include_subdomains": true, "pins": "twitterCom", "importance": 2 },
+ { "name": "business.twitter.com", "include_subdomains": true, "pins": "twitterCom", "importance": 2 },
+ { "name": "platform.twitter.com", "include_subdomains": true, "pins": "twitterCDN", "importance": 2 },
+ { "name": "twimg.com", "include_subdomains": true, "pins": "twitterCDN", "importance": 2 },
{ "name": "braintreegateway.com", "include_subdomains": true, "mode": "force-https" },
{ "name": "braintreepayments.com", "mode": "force-https" },
{ "name": "www.braintreepayments.com", "mode": "force-https" },
@@ -1472,8 +1478,8 @@
// Facebook would like to have pinning enforced on (*.)facebook.com and
// HSTS enforced on specific names.
- { "name": "facebook.com", "mode": "force-https", "include_subdomains_for_pinning": true, "pins": "facebook" },
- { "name": "www.facebook.com", "include_subdomains": true, "mode": "force-https", "pins": "facebook" },
+ { "name": "facebook.com", "mode": "force-https", "include_subdomains_for_pinning": true, "pins": "facebook", "importance": 2 },
+ { "name": "www.facebook.com", "include_subdomains": true, "mode": "force-https", "pins": "facebook", "importance": 2 },
{ "name": "m.facebook.com", "include_subdomains": true, "mode": "force-https", "pins": "facebook" },
{ "name": "tablet.facebook.com", "include_subdomains": true, "mode": "force-https", "pins": "facebook" },
{ "name": "secure.facebook.com", "include_subdomains": true, "mode": "force-https", "pins": "facebook" },
@@ -20460,7 +20466,7 @@
{ "name": "raymondelooff.nl", "include_subdomains": true, "mode": "force-https" },
{ "name": "probiv.biz", "include_subdomains": true, "mode": "force-https" },
{ "name": "relaybox.io", "include_subdomains": true, "mode": "force-https" },
- { "name": "recurly.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "recurly.com", "include_subdomains": true, "mode": "force-https", "importance": 2 },
{ "name": "plueschmikroben.de", "include_subdomains": true, "mode": "force-https" },
{ "name": "rhodesianridgeback.com.br", "include_subdomains": true, "mode": "force-https" },
{ "name": "policedriver.com", "include_subdomains": true, "mode": "force-https" },
@@ -29297,7 +29303,7 @@
{ "name": "www.amazon.it", "include_subdomains": true, "mode": "force-https" },
{ "name": "www.amazon.nl", "include_subdomains": true, "mode": "force-https" },
{ "name": "music.amazon.com", "include_subdomains": true, "mode": "force-https" },
- { "name": "crypto.is", "include_subdomains": true, "mode": "force-https", "expect_ct": true, "expect_ct_report_uri": "https://clients3.google.com/ct_upload" },
+ { "name": "crypto.is", "include_subdomains": true, "mode": "force-https", "expect_ct": true, "expect_ct_report_uri": "https://clients3.google.com/ct_upload", "importance": 2 },
{ "name": "ritter.vg", "expect_ct": true, "expect_ct_report_uri": "https://clients3.google.com/ct_upload", "expect_staple": true, "expect_staple_report_uri": "https://asac.casa/expectstaple.jsp" },
{ "name": "tails.boum.org", "include_subdomains": true, "mode": "force-https" },
{ "name": "0.me.uk", "include_subdomains": true, "mode": "force-https", "pins": "ncsccs" },
« no previous file with comments | « net/http/BUILD.gn ('k') | net/tools/transport_security_state_generator/input_file_parsers.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698