
Update HSTS preload list submission url

1 parent 8de7a5a commit eb1c925dc847215a61dc09847f1b1c61960afc4b @bungoume bungoume committed on GitHub Feb 20, 2017
Showing with 1 addition and 1 deletion.
  1. +1 −1 security-checklist.md
@@ -42,7 +42,7 @@
- [ ] `Add` [CSP](https://en.wikipedia.org/wiki/Content_Security_Policy) header to mitigate XSS and data injection attacks. This is important.
- [ ] `Add` [CSRF](https://en.wikipedia.org/wiki/Cross-site_request_forgery) header to prevent cross site request forgery. Also add [SameSite](https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site-00) attributes on cookies.
- [ ] `Add` [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) header to prevent SSL stripping attack.
-- [ ] `Add` your domain to the [HSTS Preload List](https://hstspreload.appspot.com/)
+- [ ] `Add` your domain to the [HSTS Preload List](https://hstspreload.org/)
- [ ] `Add` [X-Frame-Options](https://en.wikipedia.org/wiki/Clickjacking#X-Frame-Options) to protect against Clickjacking.
- [ ] `Add` [X-XSS-Protection](https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#X-XSS-Protection) header to mitigate XSS attacks.
- [ ] Update DNS records to add [SPF](https://en.wikipedia.org/wiki/Sender_Policy_Framework) record to mitigate spam and phishing attacks.
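Review bot: The preload item on the changed `+` line only says to add the domain to the list and gives no hint of what submission requires or commits the site to. Consider extending it to say that the HSTS header from the item directly above must carry the `includeSubDomains` and `preload` directives before the domain is accepted, and that preloading applies to every subdomain and is slow to reverse, so the box should be ticked only once all subdomains are served over HTTPS.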
