I am trying to submit my site (https://ari-web.xyz/ (https://ari-web.netlify.app)) to the HSTS submission list, and sometimes I get this error:
Error: HTTP redirects to www first `http://ari-web.xyz` (HTTP) should immediately redirect to `https://ari-web.xyz` (HTTPS) before adding the www subdomain. Right now, the first redirect is to `https://www.ari-web.xyz/`. The extra redirect is required to ensure that any browser which supports HSTS will record the HSTS entry for the top level domain, not just the subdomain.
But sometimes it just works… I am confused why or how:
Status: ari-web.xyz is pending submission to the preload list.
By chanse if you try enough times you will get red,
is it an issue with my redirects and stuff? …
I’m just like really confused, some people get green, some red, I get both, just a whole mess, why is that, can I somehow fix it?
HSTS preload url: HSTS Preload List Submission
I only submitted it few days ago, but I only started getting weird errors today
Thanks for any help
Even after playing around in dev tools I can see the random behaviour, sometimes I get a direct redirect to www subdomain over https, sometimes I get redirected to https (top level) then https (www), very confusing, my dns seems fine, is it maybe netlify’s fault? not sure
Forgot to link the source code: GitHub - TruncatedDinosour/website: Ari-web source code (previously ari['s] web[site])
You are wishing to use
ari-web.xyz as the primary/default domain, not
www.ari-web.xyz is configured as the primary domain. You can change this behaviour in the Custom Domains section of the UI
I fully understand this, but the issue is that
it randomly redirects, I always want it to be:
while it is most of the time like that, sometimes this happens:
And as redirection to
https://ari-web.xyz/ is necessary for HSTS I cannot make it stable… how would I make it, well, stable and follow http → https → https (www)
If you can produce this, please provide the
x-nf-request-id for this in or that Netlify can investigate. My understanding is this is not correct behaviour.
@coelmay Surely, will reply as soon as I can
@coelmay I am having trouble reproducing it in the browser,
I can only really reproduce it in the HSTS Preload List Submission website, which does not show any headers… only red and it’s quite random, though I have reproduced it before, any way to get back the request which I have reproduced the bug or whatever it may be? it should be there as in the making of this thread I did reproduce it
Given the sheer number of requests Netlify would see in a day, it is likely near impossible (very time-consuming at least) to find a specific request based on an error message. That’s why the
x-nf-request-id is required for troubleshoot purposes.
Another question is how many times you have tried submitting your site? You say sometimes you get green, sometimes red (with error) suggesting you are doing it multiple times. There is only a need to do it once is there not?
The red happens randomly, I tried checking the status of the site (submitting) at least like 10 times to try to reproduce it, but usually like 1 is enough, it’s completely random and more frequent at times
for now at least, it seems good, tried doing it multiple times with no error, will try to debug and stuff, if I manage to get hold of the ID I will send it to you
sorry forgot to update,
everything was okay after I reported this,
I got into HSTS preload list and all that fine
I’m facing the same problem. When I do
curl -I http://material-ui.com/ it redirects directly to
https://mui.com/core/ without doing a hop to
https://material-ui.com/ first. I have the following in my
http://material-ui.com/* https://material-ui.com/:splat 301!
https://material-ui.com/ https://mui.com/core/ 301!
https://material-ui.com/* https://mui.com/:splat 301!
X-Nf-Request-Id: 01GDR3V2SC77297JD6EJWAC2GV. It’s red HSTS Preload List Submission
You should be fine actually, dw about it,
I got into the HSTS preload list fine
For folks who return to this thread, we’ve filed an escalation for the devs to look at and we’d update the thread as we have more info.
Very nice, the devs have a lot of work
to do because of me now xD i feel sorry for
them ngl, thank you though
This is something we have very recently fixed as part of this bugfix: Improvements to TLS and primary domain redirects for non-static assets
The change is slowly rolling out and only applies to Starter & Pro customers right now. It will soon roll to all customers.
I confirmed that for @B00bleaTea both the root and the www variant have the correct TLS redirect behaviour now.
@oliviertassinari it looks like you’re on a higher plan, so i opted in your site explicitly and it seems to behave correctly now.