Google Git
Sign in
cobalt / cobalt / 0be0de584ed705b4c1ad6e08ab940973442529b5 / . / src / net / base / transport_security_state_static.json
blob: f0a704caa437060c625498f021390fa241e7eaff [file] [log] [blame]
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// This file contains the HSTS preloaded list in a machine readable format.
// The top-level element is a dictionary with two keys: "pinsets" maps details
// of certificate pinning to a name and "entries" contains the HSTS details for
// each host.
//
// "pinsets" is a list of objects. Each object has the following members:
// name: (string) the name of the pinset
// static_spki_hashes: (list of strings) the set of allowed SPKIs hashes
// bad_static_spki_hashes: (optional list of strings) the set of forbidden SPKIs hashes
//
// For a given pinset, a certifiacte is accepted if at least one of the
// "static_spki_hashes" SPKIs is found in the chain and none of the "bad_static_spki_hashes" SPKIs are.
// SPKIs are specified as names, which must match up with the file of
// certificates.
//
// "entries" is a list of objects. Each object has the following members:
// name: (string) the DNS name of the host in question
// include_subdomains: (optional bool) whether subdomains of |name| are also covered
// mode: (optional string) "force-https" iff covered names should require HTTPS
// pins: (optional string) the |name| member of an object in |pinsets|
// snionly: (optional bool) if true then this entry is only enforced if TLS is
// enabled because the site in question only serves the correct
// certificate if SNI is sent. Note that this only covers the case where
// TLS has been disabled by explicit configuration. If TLS was disabled
// because of SSLv3 fallback, then the entry is still in force and a
// fatal certificate error will result. Spurious certificate errors are
// an unfortunate result of SSLv3 fallback.
{
"pinsets": [
{
"name": "test",
"static_spki_hashes": [
"TestSPKI"
]
},
{
"name": "google",
"static_spki_hashes": [
"VeriSignClass3",
"VeriSignClass3_G3",
"Google1024",
"Google2048",
"EquifaxSecureCA",
"GeoTrustGlobal"
],
"bad_static_spki_hashes": [
"Aetna",
"Intel",
"TCTrustCenter",
"Vodafone"
]
},
{
"name": "tor",
"static_spki_hashes": [
"RapidSSL",
"DigiCertEVRoot",
"Tor1",
"Tor2",
"Tor3"
]
},
{
"name": "twitterCom",
"static_spki_hashes": [
"VeriSignClass1",
"VeriSignClass3",
"VeriSignClass3_G4",
"VeriSignClass4_G3",
"VeriSignClass3_G3",
"VeriSignClass1_G3",
"VeriSignClass2_G3",
"VeriSignClass3_G2",
"VeriSignClass2_G2",
"VeriSignClass3_G5",
"VeriSignUniversal",
"GeoTrustGlobal",
"GeoTrustGlobal2",
"GeoTrustUniversal",
"GeoTrustUniversal2",
"GeoTrustPrimary",
"GeoTrustPrimary_G2",
"GeoTrustPrimary_G3",
"Twitter1"
]
},
{
"name": "twitterCDN",
"static_spki_hashes": [
"VeriSignClass1",
"VeriSignClass3",
"VeriSignClass3_G4",
"VeriSignClass4_G3",
"VeriSignClass3_G3",
"VeriSignClass1_G3",
"VeriSignClass2_G3",
"VeriSignClass3_G2",
"VeriSignClass2_G2",
"VeriSignClass3_G5",
"VeriSignUniversal",
"GeoTrustGlobal",
"GeoTrustGlobal2",
"GeoTrustUniversal",
"GeoTrustUniversal2",
"GeoTrustPrimary",
"GeoTrustPrimary_G2",
"GeoTrustPrimary_G3",
"Twitter1",
"Entrust_2048",
"Entrust_EV",
"Entrust_G2",
"Entrust_SSL",
"AAACertificateServices",
"AddTrustClass1CARoot",
"AddTrustExternalCARoot",
"AddTrustPublicCARoot",
"AddTrustQualifiedCARoot",
"COMODOCertificationAuthority",
"SecureCertificateServices",
"TrustedCertificateServices",
"UTNDATACorpSGC",
"UTNUSERFirstClientAuthenticationandEmail",
"UTNUSERFirstHardware",
"UTNUSERFirstObject",
"GTECyberTrustGlobalRoot"
]
},
{
"name": "tor2web",
"static_spki_hashes": [
"AlphaSSL_G2",
"Tor2web"
]
},
{
"name": "cryptoCat",
"static_spki_hashes": [
"DigiCertEVRoot",
"CryptoCat1"
]
}
],
"entries": [
// Dummy entry to test certificate pinning.
{ "name": "pinningtest.appspot.com", "include_subdomains": true, "pins": "test" },
// (*.)google.com, iff using SSL, must use an acceptable certificate.
{ "name": "google.com", "include_subdomains": true, "pins": "google" },
// Now we force HTTPS for subtrees of google.com.
{ "name": "health.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "checkout.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "chrome.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "docs.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "sites.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "spreadsheets.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "appengine.google.com", "mode": "force-https", "pins": "google" },
{ "name": "encrypted.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "accounts.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "profiles.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "mail.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "talkgadget.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "talk.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "hostedtalkgadget.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "plus.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "script.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "history.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
// Other Google-related domains that must use HTTPS.
{ "name": "market.android.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "ssl.google-analytics.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "drive.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "googleplex.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "groups.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "apis.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "chromiumcodereview.appspot.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "codereview.appspot.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "codereview.chromium.org", "include_subdomains": true, "mode": "force-https", "pins": "google" },
// TODO(palmer): include_subdomains must be set to true when the
// certificate for uploads.code.google.com is corrected. See
// https://code.google.com/p/chromium/issues/detail?id=158594.
{ "name": "code.google.com", "include_subdomains": false, "mode": "force-https", "pins": "google" },
{ "name": "googlecode.com", "include_subdomains": true, "pins": "google" },
// chart.apis.google.com is *not* HSTS because the certificate doesn't match
// and there are lots of links out there that still use the name. The correct
// hostname for this is chart.googleapis.com.
{ "name": "chart.apis.google.com", "include_subdomains": true, "pins": "google" },
// Other Google-related domains that must use an acceptable certificate
// iff using SSL.
{ "name": "ytimg.com", "include_subdomains": true, "pins": "google" },
{ "name": "googleusercontent.com", "include_subdomains": true, "pins": "google" },
{ "name": "youtube.com", "include_subdomains": true, "pins": "google" },
{ "name": "googleapis.com", "include_subdomains": true, "pins": "google" },
{ "name": "googleadservices.com", "include_subdomains": true, "pins": "google" },
{ "name": "appspot.com", "include_subdomains": true, "pins": "google" },
{ "name": "googlesyndication.com", "include_subdomains": true, "pins": "google" },
{ "name": "doubleclick.net", "include_subdomains": true, "pins": "google" },
{ "name": "ssl.gstatic.com", "include_subdomains": true, "pins": "google" },
{ "name": "youtu.be", "include_subdomains": true, "pins": "google" },
{ "name": "android.com", "include_subdomains": true, "pins": "google" },
{ "name": "googlecommerce.com", "include_subdomains": true, "pins": "google" },
{ "name": "urchin.com", "include_subdomains": true, "pins": "google" },
{ "name": "goo.gl", "include_subdomains": true, "pins": "google" },
{ "name": "g.co", "include_subdomains": true, "pins": "google" },
{ "name": "google.ac", "include_subdomains": true, "pins": "google" },
{ "name": "google.ad", "include_subdomains": true, "pins": "google" },
{ "name": "google.ae", "include_subdomains": true, "pins": "google" },
{ "name": "google.af", "include_subdomains": true, "pins": "google" },
{ "name": "google.ag", "include_subdomains": true, "pins": "google" },
{ "name": "google.am", "include_subdomains": true, "pins": "google" },
{ "name": "google.as", "include_subdomains": true, "pins": "google" },
{ "name": "google.at", "include_subdomains": true, "pins": "google" },
{ "name": "google.az", "include_subdomains": true, "pins": "google" },
{ "name": "google.ba", "include_subdomains": true, "pins": "google" },
{ "name": "google.be", "include_subdomains": true, "pins": "google" },
{ "name": "google.bf", "include_subdomains": true, "pins": "google" },
{ "name": "google.bg", "include_subdomains": true, "pins": "google" },
{ "name": "google.bi", "include_subdomains": true, "pins": "google" },
{ "name": "google.bj", "include_subdomains": true, "pins": "google" },
{ "name": "google.bs", "include_subdomains": true, "pins": "google" },
{ "name": "google.by", "include_subdomains": true, "pins": "google" },
{ "name": "google.ca", "include_subdomains": true, "pins": "google" },
{ "name": "google.cat", "include_subdomains": true, "pins": "google" },
{ "name": "google.cc", "include_subdomains": true, "pins": "google" },
{ "name": "google.cd", "include_subdomains": true, "pins": "google" },
{ "name": "google.cf", "include_subdomains": true, "pins": "google" },
{ "name": "google.cg", "include_subdomains": true, "pins": "google" },
{ "name": "google.ch", "include_subdomains": true, "pins": "google" },
{ "name": "google.ci", "include_subdomains": true, "pins": "google" },
{ "name": "google.cl", "include_subdomains": true, "pins": "google" },
{ "name": "google.cm", "include_subdomains": true, "pins": "google" },
{ "name": "google.cn", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.ao", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.bw", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.ck", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.cr", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.hu", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.id", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.il", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.im", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.in", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.je", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.jp", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.ke", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.kr", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.ls", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.ma", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.mz", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.nz", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.th", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.tz", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.ug", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.uk", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.uz", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.ve", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.vi", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.za", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.zm", "include_subdomains": true, "pins": "google" },
{ "name": "google.co.zw", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.af", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.ag", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.ai", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.ar", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.au", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.bd", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.bh", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.bn", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.bo", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.br", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.by", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.bz", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.cn", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.co", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.cu", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.cy", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.do", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.ec", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.eg", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.et", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.fj", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.ge", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.gh", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.gi", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.gr", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.gt", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.hk", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.iq", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.jm", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.jo", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.kh", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.kw", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.lb", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.ly", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.mt", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.mx", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.my", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.na", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.nf", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.ng", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.ni", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.np", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.nr", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.om", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.pa", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.pe", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.ph", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.pk", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.pl", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.pr", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.py", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.qa", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.ru", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.sa", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.sb", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.sg", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.sl", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.sv", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.tj", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.tn", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.tr", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.tw", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.ua", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.uy", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.vc", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.ve", "include_subdomains": true, "pins": "google" },
{ "name": "google.com.vn", "include_subdomains": true, "pins": "google" },
{ "name": "google.cv", "include_subdomains": true, "pins": "google" },
{ "name": "google.cz", "include_subdomains": true, "pins": "google" },
{ "name": "google.de", "include_subdomains": true, "pins": "google" },
{ "name": "google.dj", "include_subdomains": true, "pins": "google" },
{ "name": "google.dk", "include_subdomains": true, "pins": "google" },
{ "name": "google.dm", "include_subdomains": true, "pins": "google" },
{ "name": "google.dz", "include_subdomains": true, "pins": "google" },
{ "name": "google.ee", "include_subdomains": true, "pins": "google" },
{ "name": "google.es", "include_subdomains": true, "pins": "google" },
{ "name": "google.fi", "include_subdomains": true, "pins": "google" },
{ "name": "google.fm", "include_subdomains": true, "pins": "google" },
{ "name": "google.fr", "include_subdomains": true, "pins": "google" },
{ "name": "google.ga", "include_subdomains": true, "pins": "google" },
{ "name": "google.ge", "include_subdomains": true, "pins": "google" },
{ "name": "google.gg", "include_subdomains": true, "pins": "google" },
{ "name": "google.gl", "include_subdomains": true, "pins": "google" },
{ "name": "google.gm", "include_subdomains": true, "pins": "google" },
{ "name": "google.gp", "include_subdomains": true, "pins": "google" },
{ "name": "google.gr", "include_subdomains": true, "pins": "google" },
{ "name": "google.gy", "include_subdomains": true, "pins": "google" },
{ "name": "google.hk", "include_subdomains": true, "pins": "google" },
{ "name": "google.hn", "include_subdomains": true, "pins": "google" },
{ "name": "google.hr", "include_subdomains": true, "pins": "google" },
{ "name": "google.ht", "include_subdomains": true, "pins": "google" },
{ "name": "google.hu", "include_subdomains": true, "pins": "google" },
{ "name": "google.ie", "include_subdomains": true, "pins": "google" },
{ "name": "google.im", "include_subdomains": true, "pins": "google" },
{ "name": "google.info", "include_subdomains": true, "pins": "google" },
{ "name": "google.iq", "include_subdomains": true, "pins": "google" },
{ "name": "google.is", "include_subdomains": true, "pins": "google" },
{ "name": "google.it", "include_subdomains": true, "pins": "google" },
{ "name": "google.it.ao", "include_subdomains": true, "pins": "google" },
{ "name": "google.je", "include_subdomains": true, "pins": "google" },
{ "name": "google.jo", "include_subdomains": true, "pins": "google" },
{ "name": "google.jobs", "include_subdomains": true, "pins": "google" },
{ "name": "google.jp", "include_subdomains": true, "pins": "google" },
{ "name": "google.kg", "include_subdomains": true, "pins": "google" },
{ "name": "google.ki", "include_subdomains": true, "pins": "google" },
{ "name": "google.kz", "include_subdomains": true, "pins": "google" },
{ "name": "google.la", "include_subdomains": true, "pins": "google" },
{ "name": "google.li", "include_subdomains": true, "pins": "google" },
{ "name": "google.lk", "include_subdomains": true, "pins": "google" },
{ "name": "google.lt", "include_subdomains": true, "pins": "google" },
{ "name": "google.lu", "include_subdomains": true, "pins": "google" },
{ "name": "google.lv", "include_subdomains": true, "pins": "google" },
{ "name": "google.md", "include_subdomains": true, "pins": "google" },
{ "name": "google.me", "include_subdomains": true, "pins": "google" },
{ "name": "google.mg", "include_subdomains": true, "pins": "google" },
{ "name": "google.mk", "include_subdomains": true, "pins": "google" },
{ "name": "google.ml", "include_subdomains": true, "pins": "google" },
{ "name": "google.mn", "include_subdomains": true, "pins": "google" },
{ "name": "google.ms", "include_subdomains": true, "pins": "google" },
{ "name": "google.mu", "include_subdomains": true, "pins": "google" },
{ "name": "google.mv", "include_subdomains": true, "pins": "google" },
{ "name": "google.mw", "include_subdomains": true, "pins": "google" },
{ "name": "google.ne", "include_subdomains": true, "pins": "google" },
{ "name": "google.ne.jp", "include_subdomains": true, "pins": "google" },
{ "name": "google.net", "include_subdomains": true, "pins": "google" },
{ "name": "google.nl", "include_subdomains": true, "pins": "google" },
{ "name": "google.no", "include_subdomains": true, "pins": "google" },
{ "name": "google.nr", "include_subdomains": true, "pins": "google" },
{ "name": "google.nu", "include_subdomains": true, "pins": "google" },
{ "name": "google.off.ai", "include_subdomains": true, "pins": "google" },
{ "name": "google.pk", "include_subdomains": true, "pins": "google" },
{ "name": "google.pl", "include_subdomains": true, "pins": "google" },
{ "name": "google.pn", "include_subdomains": true, "pins": "google" },
{ "name": "google.ps", "include_subdomains": true, "pins": "google" },
{ "name": "google.pt", "include_subdomains": true, "pins": "google" },
{ "name": "google.ro", "include_subdomains": true, "pins": "google" },
{ "name": "google.rs", "include_subdomains": true, "pins": "google" },
{ "name": "google.ru", "include_subdomains": true, "pins": "google" },
{ "name": "google.rw", "include_subdomains": true, "pins": "google" },
{ "name": "google.sc", "include_subdomains": true, "pins": "google" },
{ "name": "google.se", "include_subdomains": true, "pins": "google" },
{ "name": "google.sh", "include_subdomains": true, "pins": "google" },
{ "name": "google.si", "include_subdomains": true, "pins": "google" },
{ "name": "google.sk", "include_subdomains": true, "pins": "google" },
{ "name": "google.sm", "include_subdomains": true, "pins": "google" },
{ "name": "google.sn", "include_subdomains": true, "pins": "google" },
{ "name": "google.so", "include_subdomains": true, "pins": "google" },
{ "name": "google.st", "include_subdomains": true, "pins": "google" },
{ "name": "google.td", "include_subdomains": true, "pins": "google" },
{ "name": "google.tg", "include_subdomains": true, "pins": "google" },
{ "name": "google.tk", "include_subdomains": true, "pins": "google" },
{ "name": "google.tl", "include_subdomains": true, "pins": "google" },
{ "name": "google.tm", "include_subdomains": true, "pins": "google" },
{ "name": "google.tn", "include_subdomains": true, "pins": "google" },
{ "name": "google.to", "include_subdomains": true, "pins": "google" },
{ "name": "google.tp", "include_subdomains": true, "pins": "google" },
{ "name": "google.tt", "include_subdomains": true, "pins": "google" },
{ "name": "google.us", "include_subdomains": true, "pins": "google" },
{ "name": "google.uz", "include_subdomains": true, "pins": "google" },
{ "name": "google.vg", "include_subdomains": true, "pins": "google" },
{ "name": "google.vu", "include_subdomains": true, "pins": "google" },
{ "name": "google.ws", "include_subdomains": true, "pins": "google" },
// Exclude the learn.doubleclick.net subdomain because it uses a different
// CA.
{ "name": "learn.doubleclick.net", "include_subdomains": true },
// Force HTTPS for sites that have requested it.
{ "name": "www.paypal.com", "mode": "force-https" },
{ "name": "www.elanex.biz", "mode": "force-https" },
{ "name": "jottit.com", "include_subdomains": true, "mode": "force-https" },
{ "name": "sunshinepress.org", "include_subdomains": true, "mode": "force-https" },
{ "name": "www.noisebridge.net", "mode": "force-https" },
{ "name": "neg9.org", "mode": "force-https" },
{ "name": "riseup.net", "include_subdomains": true, "mode": "force-https" },
{ "name": "factor.cc", "mode": "force-https" },
{ "name": "members.mayfirst.org", "include_subdomains": true, "mode": "force-https" },
{ "name": "support.mayfirst.org", "include_subdomains": true, "mode": "force-https" },
{ "name": "id.mayfirst.org", "include_subdomains": true, "mode": "force-https" },
{ "name": "lists.mayfirst.org", "include_subdomains": true, "mode": "force-https" },
{ "name": "webmail.mayfirst.org", "include_subdomains": true, "mode": "force-https" },
{ "name": "roundcube.mayfirst.org", "include_subdomains": true, "mode": "force-https" },
{ "name": "aladdinschools.appspot.com", "mode": "force-https" },
{ "name": "ottospora.nl", "include_subdomains": true, "mode": "force-https" },
{ "name": "www.paycheckrecords.com", "mode": "force-https" },
{ "name": "lastpass.com", "mode": "force-https" },
{ "name": "www.lastpass.com", "mode": "force-https" },
{ "name": "keyerror.com", "include_subdomains": true, "mode": "force-https" },
{ "name": "entropia.de", "mode": "force-https" },
{ "name": "www.entropia.de", "mode": "force-https" },
{ "name": "romab.com", "include_subdomains": true, "mode": "force-https" },
{ "name": "logentries.com", "mode": "force-https" },
{ "name": "www.logentries.com", "mode": "force-https" },
{ "name": "stripe.com", "include_subdomains": true, "mode": "force-https" },
{ "name": "cloudsecurityalliance.org", "include_subdomains": true, "mode": "force-https" },
{ "name": "login.sapo.pt", "include_subdomains": true, "mode": "force-https" },
{ "name": "mattmccutchen.net", "include_subdomains": true, "mode": "force-https" },
{ "name": "betnet.fr", "include_subdomains": true, "mode": "force-https" },
{ "name": "uprotect.it", "include_subdomains": true, "mode": "force-https" },
{ "name": "squareup.com", "mode": "force-https" },
{ "name": "cert.se", "include_subdomains": true, "mode": "force-https" },
{ "name": "crypto.is", "include_subdomains": true, "mode": "force-https" },
{ "name": "simon.butcher.name", "include_subdomains": true, "mode": "force-https" },
{ "name": "linx.net", "include_subdomains": true, "mode": "force-https" },
{ "name": "dropcam.com", "mode": "force-https" },
{ "name": "www.dropcam.com", "mode": "force-https" },
{ "name": "ebanking.indovinabank.com.vn", "include_subdomains": true, "mode": "force-https" },
{ "name": "epoxate.com", "mode": "force-https" },
{ "name": "torproject.org", "mode": "force-https", "pins": "tor" },
{ "name": "blog.torproject.org", "include_subdomains": true, "mode": "force-https", "pins": "tor" },
{ "name": "check.torproject.org", "include_subdomains": true, "mode": "force-https", "pins": "tor" },
{ "name": "www.torproject.org", "include_subdomains": true, "mode": "force-https", "pins": "tor" },
{ "name": "dist.torproject.org", "include_subdomains": true, "mode": "force-https", "pins": "tor" },
{ "name": "www.moneybookers.com", "include_subdomains": true, "mode": "force-https" },
{ "name": "ledgerscope.net", "mode": "force-https" },
{ "name": "www.ledgerscope.net", "mode": "force-https" },
{ "name": "kyps.net", "mode": "force-https" },
{ "name": "www.kyps.net", "mode": "force-https" },
{ "name": "app.recurly.com", "include_subdomains": true, "mode": "force-https" },
{ "name": "api.recurly.com", "include_subdomains": true, "mode": "force-https" },
{ "name": "greplin.com", "mode": "force-https" },
{ "name": "www.greplin.com", "mode": "force-https" },
{ "name": "luneta.nearbuysystems.com", "include_subdomains": true, "mode": "force-https" },
{ "name": "ubertt.org", "include_subdomains": true, "mode": "force-https" },
{ "name": "pixi.me", "include_subdomains": true, "mode": "force-https" },
{ "name": "grepular.com", "include_subdomains": true, "mode": "force-https" },
{ "name": "mydigipass.com", "mode": "force-https" },
{ "name": "www.mydigipass.com", "mode": "force-https" },
{ "name": "developer.mydigipass.com", "mode": "force-https" },
{ "name": "www.developer.mydigipass.com", "mode": "force-https" },
{ "name": "sandbox.mydigipass.com", "mode": "force-https" },
{ "name": "www.sandbox.mydigipass.com", "mode": "force-https" },
{ "name": "crypto.cat", "include_subdomains": true, "mode": "force-https", "pins": "cryptoCat" },
{ "name": "bigshinylock.minazo.net", "include_subdomains": true, "mode": "force-https" },
{ "name": "crate.io", "include_subdomains": true, "mode": "force-https" },
{ "name": "twitter.com", "mode": "force-https", "pins": "twitterCom" },
{ "name": "www.twitter.com", "include_subdomains": true, "mode": "force-https", "pins": "twitterCom" },
{ "name": "api.twitter.com", "include_subdomains": true, "pins": "twitterCDN" },
{ "name": "oauth.twitter.com", "include_subdomains": true, "pins": "twitterCom" },
{ "name": "mobile.twitter.com", "include_subdomains": true, "pins": "twitterCom" },
{ "name": "dev.twitter.com", "include_subdomains": true, "pins": "twitterCom" },
{ "name": "business.twitter.com", "include_subdomains": true, "pins": "twitterCom" },
{ "name": "platform.twitter.com", "include_subdomains": true, "pins": "twitterCDN" },
{ "name": "si0.twimg.com", "include_subdomains": true, "pins": "twitterCDN" },
{ "name": "twimg0-a.akamaihd.net", "include_subdomains": true, "pins": "twitterCDN" },
{ "name": "braintreegateway.com", "include_subdomains": true, "mode": "force-https" },
{ "name": "braintreepayments.com", "mode": "force-https" },
{ "name": "www.braintreepayments.com", "mode": "force-https" },
{ "name": "emailprivacytester.com", "mode": "force-https" },
{ "name": "tor2web.org", "include_subdomains": true, "pins": "tor2web" },
{ "name": "business.medbank.com.mt", "include_subdomains": true, "mode": "force-https" },
{ "name": "arivo.com.br", "include_subdomains": true, "mode": "force-https" },
{ "name": "www.apollo-auto.com", "include_subdomains": true, "mode": "force-https" },
{ "name": "www.cueup.com", "include_subdomains": true, "mode": "force-https" },
{ "name": "jitsi.org", "mode": "force-https" },
{ "name": "www.jitsi.org", "mode": "force-https" },
{ "name": "download.jitsi.org", "mode": "force-https" },
{ "name": "sol.io", "include_subdomains": true, "mode": "force-https" },
{ "name": "irccloud.com", "mode": "force-https" },
{ "name": "www.irccloud.com", "mode": "force-https" },
{ "name": "alpha.irccloud.com", "mode": "force-https" },
{ "name": "passwd.io", "include_subdomains": true, "mode": "force-https" },
{ "name": "browserid.org", "include_subdomains": true, "mode": "force-https" },
{ "name": "login.persona.org", "include_subdomains": true, "mode": "force-https" },
{ "name": "neonisi.com", "mode": "force-https" },
{ "name": "www.neonisi.com", "include_subdomains": true, "mode": "force-https" },
{ "name": "shops.neonisi.com", "include_subdomains": true, "mode": "force-https" },
{ "name": "piratenlogin.de", "include_subdomains": true, "mode": "force-https" },
{ "name": "howrandom.org", "include_subdomains": true, "mode": "force-https" },
{ "name": "intercom.io", "mode": "force-https" },
{ "name": "api.intercom.io", "mode": "force-https" },
{ "name": "www.intercom.io", "mode": "force-https" },
{ "name": "fatzebra.com.au", "include_subdomains": true, "mode": "force-https" },
{ "name": "csawctf.poly.edu", "include_subdomains": true, "mode": "force-https" },
{ "name": "makeyourlaws.org", "mode": "force-https" },
{ "name": "www.makeyourlaws.org", "mode": "force-https" },
{ "name": "iop.intuit.com", "include_subdomains": true, "mode": "force-https" },
{ "name": "surfeasy.com", "mode": "force-https" },
{ "name": "www.surfeasy.com", "mode": "force-https" },
{ "name": "packagist.org", "mode": "force-https" },
{ "name": "lookout.com", "mode": "force-https" },
{ "name": "www.lookout.com", "mode": "force-https" },
{ "name": "mylookout.com", "mode": "force-https" },
{ "name": "www.mylookout.com", "mode": "force-https" },
{ "name": "dm.lookout.com", "mode": "force-https" },
{ "name": "dm.mylookout.com", "mode": "force-https" },
{ "name": "itriskltd.com", "include_subdomains": true, "mode": "force-https" },
{ "name": "stocktrade.de", "include_subdomains": true, "mode": "force-https" },
{ "name": "rhcloud.com", "include_subdomains": true, "mode": "force-https" },
{ "name": "openshift.redhat.com", "include_subdomains": true, "mode": "force-https" },
{ "name": "therapynotes.com", "mode": "force-https" },
{ "name": "www.therapynotes.com", "mode": "force-https" },
{ "name": "wiz.biz", "include_subdomains": true, "mode": "force-https" },
{ "name": "my.onlime.ch", "include_subdomains": true, "mode": "force-https" },
{ "name": "webmail.onlime.ch", "include_subdomains": true, "mode": "force-https" },
{ "name": "crm.onlime.ch", "include_subdomains": true, "mode": "force-https" },
{ "name": "www.gov.uk", "include_subdomains": true, "mode": "force-https" },
{ "name": "silentcircle.com", "include_subdomains": true, "mode": "force-https" },
{ "name": "silentcircle.org", "include_subdomains": true, "mode": "force-https" },
{ "name": "serverdensity.io", "include_subdomains": true, "mode": "force-https" },
{ "name": "my.alfresco.com", "include_subdomains": true, "mode": "force-https" },
{ "name": "webmail.gigahost.dk", "include_subdomains": true, "mode": "force-https" },
// Entries that are only valid if the client supports SNI.
{ "name": "gmail.com", "mode": "force-https", "pins": "google", "snionly": true },
{ "name": "googlemail.com", "mode": "force-https", "pins": "google", "snionly": true },
{ "name": "www.gmail.com", "mode": "force-https", "pins": "google", "snionly": true },
{ "name": "www.googlemail.com", "mode": "force-https", "pins": "google", "snionly": true },
{ "name": "google-analytics.com", "include_subdomains": true, "pins": "google", "snionly": true },
{ "name": "googlegroups.com", "include_subdomains": true, "pins": "google", "snionly": true }
]
}