From c465e6b79b989f944f952e3869d110be0894792a Mon Sep 17 00:00:00 2001 From: ffxbld Date: Sat, 18 Jan 2014 03:20:19 -0800 Subject: [PATCH] No bug, Automated HSTS preload list update from host bld-linux64-ec2-438 - a=hsts-update --- .../manager/boot/src/nsSTSPreloadList.errors | 79 ++++++++++--------- .../manager/boot/src/nsSTSPreloadList.inc | 44 ++++++++++- 2 files changed, 81 insertions(+), 42 deletions(-) diff --git a/security/manager/boot/src/nsSTSPreloadList.errors b/security/manager/boot/src/nsSTSPreloadList.errors index 7440ca58b92..5cc9f625245 100644 --- a/security/manager/boot/src/nsSTSPreloadList.errors +++ b/security/manager/boot/src/nsSTSPreloadList.errors @@ -1,51 +1,51 @@ -accounts.google.com: max-age too low: 2592000 alpha.irccloud.com: could not connect to host api.mega.co.nz: could not connect to host api.recurly.com: did not receive HSTS header api.simple.com: did not receive HSTS header -apis.google.com: did not receive HSTS header -appengine.google.com: did not receive HSTS header +apis.google.com: did not receive HSTS header (error ignored - included regardless) +appengine.google.com: did not receive HSTS header (error ignored - included regardless) bcrook.com: max-age too low: 86400 betnet.fr: could not connect to host bigshinylock.minazo.net: could not connect to host braintreegateway.com: did not receive HSTS header braintreepayments.com: did not receive HSTS header browserid.org: did not receive HSTS header +business.medbank.com.mt: did not receive HSTS header carlolly.co.uk: did not receive HSTS header cert.se: max-age too low: 2628001 -checkout.google.com: did not receive HSTS header -chrome-devtools-frontend.appspot.com: did not receive HSTS header -chrome.google.com: did not receive HSTS header -cloud.google.com: did not receive HSTS header -code.google.com: did not receive HSTS header -codereview.chromium.org: did not receive HSTS header +checkout.google.com: did not receive HSTS header (error ignored - included regardless) +chrome-devtools-frontend.appspot.com: did not receive HSTS header (error ignored - included regardless) +chrome.google.com: did not receive HSTS header (error ignored - included regardless) +cloud.google.com: did not receive HSTS header (error ignored - included regardless) +code.google.com: did not receive HSTS header (error ignored - included regardless) +codereview.chromium.org: did not receive HSTS header (error ignored - included regardless) crate.io: did not receive HSTS header crowdcurity.com: did not receive HSTS header crypto.is: did not receive HSTS header csawctf.poly.edu: did not receive HSTS header -dl.google.com: did not receive HSTS header -docs.google.com: did not receive HSTS header -drive.google.com: did not receive HSTS header +dl.google.com: did not receive HSTS header (error ignored - included regardless) +docs.google.com: did not receive HSTS header (error ignored - included regardless) +drive.google.com: did not receive HSTS header (error ignored - included regardless) dropcam.com: did not receive HSTS header email.lookout.com: could not connect to host emailprivacytester.com: did not receive HSTS header -encrypted.google.com: did not receive HSTS header +encrypted.google.com: did not receive HSTS header (error ignored - included regardless) espra.com: could not connect to host fatzebra.com.au: did not receive HSTS header fj.simple.com: did not receive HSTS header get.zenpayroll.com: did not receive HSTS header -glass.google.com: did not receive HSTS header +getcloak.com: max-age too low: 2678400 +glass.google.com: did not receive HSTS header (error ignored - included regardless) gmail.com: did not receive HSTS header -gocardless.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-hsts-000000000000000/getHSTSPreloadList.js :: processStsHeader :: line 124" data: no] +gocardless.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-hsts-000000000000000/getHSTSPreloadList.js :: processStsHeader :: line 125" data: no] googlemail.com: did not receive HSTS header -googleplex.com: could not connect to host -goto.google.com: did not receive HSTS header +googleplex.com: could not connect to host (error ignored - included regardless) +goto.google.com: did not receive HSTS header (error ignored - included regardless) greplin.com: did not receive HSTS header grepular.com: max-age too low: 8640000 -groups.google.com: did not receive HSTS header -haste.ch: could not connect to host -history.google.com: did not receive HSTS header -hostedtalkgadget.google.com: did not receive HSTS header +groups.google.com: did not receive HSTS header (error ignored - included regardless) +history.google.com: did not receive HSTS header (error ignored - included regardless) +hostedtalkgadget.google.com: did not receive HSTS header (error ignored - included regardless) id.atlassian.com: did not receive HSTS header in.xero.com: max-age too low: 3600 iop.intuit.com: max-age too low: 86400 @@ -58,9 +58,9 @@ liberty.lavabit.com: could not connect to host lifeguard.aecom.com: max-age too low: 3600 lists.mayfirst.org: did not receive HSTS header logentries.com: did not receive HSTS header -lumi.do: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-hsts-000000000000000/getHSTSPreloadList.js :: processStsHeader :: line 124" data: no] -mail.google.com: did not receive HSTS header -market.android.com: did not receive HSTS header +lumi.do: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-hsts-000000000000000/getHSTSPreloadList.js :: processStsHeader :: line 125" data: no] +mail.google.com: did not receive HSTS header (error ignored - included regardless) +market.android.com: did not receive HSTS header (error ignored - included regardless) medium.com: max-age too low: 2592000 my.alfresco.com: did not receive HSTS header mydigipass.com: did not receive HSTS header @@ -77,41 +77,42 @@ passport.yandex.ua: did not receive HSTS header paypal.com: max-age too low: 14400 payroll.xero.com: max-age too low: 3600 platform.lookout.com: could not connect to host -play.google.com: did not receive HSTS header -plus.google.com: did not receive HSTS header -plus.sandbox.google.com: did not receive HSTS header -profiles.google.com: did not receive HSTS header +play.google.com: did not receive HSTS header (error ignored - included regardless) +plus.google.com: did not receive HSTS header (error ignored - included regardless) +plus.sandbox.google.com: did not receive HSTS header (error ignored - included regardless) +profiles.google.com: did not receive HSTS header (error ignored - included regardless) rapidresearch.me: did not receive HSTS header romab.com: max-age too low: 2628000 sah3.net: could not connect to host saturngames.co.uk: did not receive HSTS header -script.google.com: did not receive HSTS header -security.google.com: did not receive HSTS header +script.google.com: did not receive HSTS header (error ignored - included regardless) +security.google.com: did not receive HSTS header (error ignored - included regardless) serverdensity.io: did not receive HSTS header shops.neonisi.com: could not connect to host silentcircle.org: could not connect to host simon.butcher.name: max-age too low: 2629743 -sites.google.com: did not receive HSTS header +sites.google.com: did not receive HSTS header (error ignored - included regardless) sol.io: could not connect to host -spreadsheets.google.com: did not receive HSTS header +spreadsheets.google.com: did not receive HSTS header (error ignored - included regardless) square.com: did not receive HSTS header -ssl.google-analytics.com: did not receive HSTS header +ssl.google-analytics.com: did not receive HSTS header (error ignored - included regardless) ssl.panoramio.com: did not receive HSTS header sunshinepress.org: could not connect to host surfeasy.com: did not receive HSTS header -talk.google.com: did not receive HSTS header -talkgadget.google.com: did not receive HSTS header -translate.googleapis.com: did not receive HSTS header +talk.google.com: did not receive HSTS header (error ignored - included regardless) +talkgadget.google.com: did not receive HSTS header (error ignored - included regardless) +translate.googleapis.com: did not receive HSTS header (error ignored - included regardless) uprotect.it: could not connect to host -wallet.google.com: did not receive HSTS header +wallet.google.com: did not receive HSTS header (error ignored - included regardless) whonix.org: did not receive HSTS header www.cueup.com: did not receive HSTS header www.developer.mydigipass.com: could not connect to host www.dropcam.com: max-age too low: 2592000 www.elanex.biz: did not receive HSTS header +www.getcloak.com: max-age too low: 2678400 www.gmail.com: did not receive HSTS header www.googlemail.com: did not receive HSTS header -www.gov.uk: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-hsts-000000000000000/getHSTSPreloadList.js :: processStsHeader :: line 124" data: no] +www.gov.uk: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-hsts-000000000000000/getHSTSPreloadList.js :: processStsHeader :: line 125" data: no] www.greplin.com: could not connect to host www.jitsi.org: did not receive HSTS header www.lastpass.com: did not receive HSTS header @@ -120,7 +121,7 @@ www.logentries.com: did not receive HSTS header www.moneybookers.com: did not receive HSTS header www.neonisi.com: could not connect to host www.paycheckrecords.com: max-age too low: 86400 -www.paypal.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-hsts-000000000000000/getHSTSPreloadList.js :: processStsHeader :: line 124" data: no] +www.paypal.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /builds/slave/m-cen-l64-hsts-000000000000000/getHSTSPreloadList.js :: processStsHeader :: line 125" data: no] www.sandbox.mydigipass.com: could not connect to host www.surfeasy.com: did not receive HSTS header zoo24.de: did not receive HSTS header diff --git a/security/manager/boot/src/nsSTSPreloadList.inc b/security/manager/boot/src/nsSTSPreloadList.inc index 838eb4e3c7a..35f577f2c0a 100644 --- a/security/manager/boot/src/nsSTSPreloadList.inc +++ b/security/manager/boot/src/nsSTSPreloadList.inc @@ -8,7 +8,7 @@ /*****************************************************************************/ #include -const PRTime gPreloadListExpirationTime = INT64_C(1399719973983000); +const PRTime gPreloadListExpirationTime = INT64_C(1400929573943000); class nsSTSPreload { @@ -18,11 +18,14 @@ class nsSTSPreload }; static const nsSTSPreload kSTSPreloadList[] = { + { "accounts.google.com", true }, { "aladdinschools.appspot.com", false }, { "alpha.irccloud.com", false }, { "api.intercom.io", false }, { "api.xero.com", false }, + { "apis.google.com", true }, { "app.recurly.com", false }, + { "appengine.google.com", false }, { "appseccalifornia.org", true }, { "arivo.com.br", true }, { "bank.simple.com", false }, @@ -36,13 +39,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "blueseed.co", false }, { "bugzilla.mozilla.org", true }, { "business.lookout.com", false }, - { "business.medbank.com.mt", true }, { "carezone.com", false }, { "check.torproject.org", false }, + { "checkout.google.com", true }, + { "chrome-devtools-frontend.appspot.com", true }, + { "chrome.google.com", true }, { "chromiumcodereview.appspot.com", false }, + { "cloud.google.com", true }, { "cloudns.com.au", true }, { "cloudsecurityalliance.org", true }, + { "code.google.com", true }, { "codereview.appspot.com", false }, + { "codereview.chromium.org", true }, { "conformal.com", true }, { "controlcenter.gigahost.dk", true }, { "crm.onlime.ch", false }, @@ -55,25 +63,36 @@ static const nsSTSPreload kSTSPreloadList[] = { { "davidlyness.com", true }, { "developer.mydigipass.com", false }, { "dist.torproject.org", false }, + { "dl.google.com", true }, { "dm.lookout.com", false }, { "dm.mylookout.com", false }, + { "docs.google.com", true }, { "download.jitsi.org", false }, + { "drive.google.com", true }, { "ebanking.indovinabank.com.vn", false }, { "ecosystem.atlassian.net", true }, { "eff.org", true }, + { "encrypted.google.com", true }, { "entropia.de", false }, { "epoxate.com", false }, { "errors.zenpayroll.com", false }, { "espra.com", true }, + { "f-droid.org", true }, { "factor.cc", false }, { "faq.lookout.com", false }, { "forum.linode.com", false }, { "forum.quantifiedself.com", true }, { "gernert-server.de", true }, - { "getlantern.org", true }, + { "getlantern.org", false }, + { "glass.google.com", true }, { "go.xero.com", false }, + { "googleplex.com", true }, + { "goto.google.com", true }, { "grc.com", false }, + { "groups.google.com", true }, { "haste.ch", true }, + { "history.google.com", true }, + { "hostedtalkgadget.google.com", true }, { "howrandom.org", true }, { "id.mayfirst.org", false }, { "inertianetworks.com", true }, @@ -96,9 +115,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lumi.do", false }, { "luneta.nearbuysystems.com", false }, { "mail.de", true }, + { "mail.google.com", true }, { "makeyourlaws.org", false }, { "manage.zenpayroll.com", false }, { "manager.linode.com", false }, + { "market.android.com", true }, + { "matteomarescotti.name", true }, { "mattmccutchen.net", true }, { "mediacru.sh", true }, { "mega.co.nz", false }, @@ -111,6 +133,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mylookout.com", false }, { "neg9.org", false }, { "oplop.appspot.com", true }, + { "opsmate.com", false }, { "p.linode.com", false }, { "passwd.io", true }, { "paste.linode.com", false }, @@ -120,27 +143,40 @@ static const nsSTSPreload kSTSPreloadList[] = { { "paymill.de", false }, { "piratenlogin.de", true }, { "pixi.me", true }, + { "play.google.com", false }, + { "plus.google.com", true }, + { "plus.sandbox.google.com", true }, + { "profiles.google.com", true }, { "publications.qld.gov.au", false }, { "riseup.net", true }, { "roundcube.mayfirst.org", false }, { "sandbox.mydigipass.com", false }, + { "script.google.com", true }, + { "security.google.com", true }, { "securityheaders.com", true }, { "shodan.io", true }, { "silentcircle.com", false }, { "simbolo.co.uk", false }, { "simple.com", false }, + { "sites.google.com", true }, { "skydrive.live.com", false }, + { "spreadsheets.google.com", true }, { "squareup.com", false }, + { "ssl.google-analytics.com", true }, { "stocktrade.de", false }, { "stripe.com", true }, { "strongest-privacy.com", true }, { "support.mayfirst.org", false }, { "surkatty.org", true }, + { "talk.google.com", true }, + { "talkgadget.google.com", true }, { "tent.io", true }, { "therapynotes.com", false }, { "torproject.org", false }, + { "translate.googleapis.com", true }, { "twitter.com", false }, { "ubertt.org", true }, + { "wallet.google.com", true }, { "webmail.gigahost.dk", false }, { "webmail.mayfirst.org", false }, { "webmail.onlime.ch", false }, @@ -153,6 +189,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "www.entropia.de", false }, { "www.gov.uk", false }, { "www.grc.com", false }, + { "www.heliosnet.com", true }, { "www.intercom.io", false }, { "www.irccloud.com", false }, { "www.linode.com", false }, @@ -161,6 +198,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "www.mydigipass.com", false }, { "www.mylookout.com", false }, { "www.noisebridge.net", false }, + { "www.opsmate.com", true }, { "www.simbolo.co.uk", false }, { "www.simple.com", false }, { "www.therapynotes.com", false },