caption: List of names that will bypass the HSTS policy check
desc: |-
Setting the policy specifies a list of hostnames that bypass preloaded HSTS upgrades from http to https.
Only single-label hostnames are allowed in this policy, and this policy only applies to "static" HSTS-preloaded entries (for instance, <ph name="EXAMPLE_HSTS_PRELOAD_TLDS">"app", "new", "search", "play"</ph>). This policy does not prevent HSTS upgrades for servers that have "dynamically" requested HSTS upgrades using a <ph name="HSTS_HEADER_NAME">Strict-Transport-Security</ph> response header.
Supplied hostnames must be canonicalized: Any IDNs must be converted to their A-label format, and all ASCII letters must be lowercase. This policy only applies to the specific single-label hostnames specified, not to subdomains of those names.
example_value:
- meet
features:
dynamic_refresh: false
per_profile: true
future_on:
- fuchsia
owners:
- [email protected]
- [email protected]
schema:
items:
pattern: ^[a-z0-9-]*$
type: string
type: array
supported_on:
- chrome.*:78-
- android:78-
- chrome_os:78-
tags:
- system-security
type: list
Codebase Browser
chromium