| ↑back Search ←Prev date Next date→ (Showing only urls - See all) | (Click on time to show url line in full context) |
| Who | What | When |
|---|---|---|
| mhoran | OK, I think it was some combination of weird cached things and then redirects that weren't working. https://graphs.arpnetworks.com just redirects to arpnetworks.com, and I think the HSTS somewhere was then getting cached.
But if I go to https://graphs.arpnetworks.com/cacti/ it works. | [05:59] |
| brycec | For me, https://graphs.arpnetworks.com does NOT redirect to arpnetworks.com, it redirects to /cacti/. Also, it's not serving an HSTS header.
But if I try http://graphs.arpnetworks.com But if I try http://graphs.arpnetworks.com it DOES redirect to arpnetworks.com. (And no HSTS header in that response, or the response from https://arpnetworks.com) ^ I've had this same issue with portal.arpnetworks.com -- I type "portal.arpnetworks.com" in my browser and end up at https://arpnetworks.com, but if I make sure to type https://portal.arpnetworks.com I end up where I wanted to be. Long story short... (portal|graphs).arpnetworks.com:80 really ought to redirecto the https://&:443 and _not_ https://arpnetworks.com, very jarring user experience | [10:00] |
| mercutio: You're referring to https://hstspreload.org/ ? | [16:32] | |
| oof the HSTS list has grown quite a bit since I last looked https://cs.chromium.org/chromium/src/net/http/transport_security_state_static.json | [16:41] |
| ↑back Search ←Prev date Next date→ (Showing only urls - See all) | (Click on time to show url line in full context) |