For most browsers, this is usually implied by the header itself,
however for HSTS to be effective you need to submit your root domain to
hstspreload.org. If "preload" is not in the header, it will reject your
domain.
Signed-off-by: r3g_5z <june@terezi.dev>
It's an IE8-era header where Adobe products used to use the IE engine
when making outbound web requests to embed webpages such as
Adobe Acrobat. This is something that a secure and modern CSP would
protect against.
Signed-off-by: r3g_5z <june@terezi.dev>