Je me demande si Firefox ne "revend" pas quelque chose qui existe depuis longtemps.
à savoir la liste des sites pour lequel le HSTS est préchargé dans le navigateur avant la première visite.
J'ai l'info :
D'après les commentaires dans le code :
/**
* Select the best prefix for a host, based on existing pages registered for it.
* Prefixes have a priority, from the top to the bottom, so that secure pages
* have higher priority, and more generically "www." prefixed hosts come before
* unprefixed ones.
* Given a host, examine associated pages and:
* - if at least half the typed pages start with
https://www. return
https://www.
* - if at least half the typed pages start with https:// return https://
* - if all of the typed pages start with ftp: return ftp://
* - This is because mostly people will want to visit the http version
* of the site.
* - if at least half the typed pages start with www. return www.
* - otherwise don't use any prefix
*/