Paypal is preloaded, so you're not required to start with HTTPS. https://hstspre... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		judge2020 on Feb 25, 2020 \| parent \| context \| favorite \| on: Critical PayPal Security Hack: Multiple Thefts Now... Paypal is preloaded, so you're not required to start with HTTPS. https://hstspreload.org/?domain=paypal.com

Retric on Feb 25, 2020 [–]

While that includes Chrome, Safari, Firefox, IE, and Edge that’s not every browser and it’s a really bad habit to get into. Especially as the preload lists are yet another attack surface.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact