Test domains

Question

Test domains

rwky opened this issue 6 years ago · 3 comments

We're using hstspreload.org to run tests with travis builds of this script https://github.com/sensu-plugins/sensu-plugins-ssl/blob/master/test/check-ssl-hsts-preloadable_spec.rb

Up until recently garron.net issued warnings now it doesn't. It would be great if there were test domains that did the following:

passed preload check without any errors and warnings
passed preload checks with warnings
failed with errors

1 and 3 are easy to find, 2 is more difficult, would it be possible to get a domain that permanently generates warnings? If not can you suggest a better testing method?

Answer 1 · 2018-03-17T17:21:36.000Z

I think they remove domains with warnings after a while? would be nice if there was a standard testing one or some way to flag a domain to keep (for testing) even if it is a manual process.

Answer 2 · 2018-03-17T17:28:05.000Z

Just double checked in your case it looks like you/your hosting provider fixed your warnings or they changed their requirements on what a warning is. We might be able to add another random domain but I'd like to see if there is already a standard testing domain.

Answer 3 · 2018-03-19T10:15:54.000Z

I think they remove domains with warnings after a while?

Warnings don't impact whether a domain can become/stay preloaded.

https://github.com/chromium/hstspreload uses oskuro.net:
https://github.com/chromium/hstspreload/blob/be995c98f169479ab1938d94ecad0d95b42ea31a/redirects_test.go#L138

This issue belongs at https://github.com/chromium/hstspreload, so feel free to reopen there if there's more.