
Which browser uses which HSTS preload list?

Updated: 2023-02-26 08:58:29

The de facto central master list for HSTS is managed by Chromium / Google at https://chromium.googlesource.com/chromium/src/net/+/master/http/transport_security_state_static.json .

A list of browsers supporting HSTS (and presumably having preload lists) can be found at Wikipedia (https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security#Browser_support). Being closed source, information on how Opera, Safari, IE, etc. handle their preloaded lists seems to be unavailable.


The Microsoft Edge Team state in their blog that

"As with other browsers that have implemented this feature, the Microsoft Edge and Internet Explorer 11 preload list is based on the Chromium HSTS preload list."


For Firefox, the list at /source/mozilla/security/manager/ssl/nsSTSPreloadList.inc is generated by the file /source/mozilla/security/manager/tools/getHSTSPreloadList.js, where we can see from the line

const SOURCE = "https://chromium.googlesource.com/chromium/src/net/+/master/http/transport_security_state_static.json?format=TEXT";

that it is merely a clone of the "master list", parsed into Firefox's format. All it does is an additional verification run for each domain in the list to be available and have the required HSTS header (by connecting to it; which it seems to do daily, from the vcs log).

Palemoon follows this procedure and it is likely that other browser vendors do the same. So it seems the relationship between your lists is: there is only one.
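The clone-and-verify flow described in this answer, as an added example that is not part of the original answer and not Mozilla's script. The helper names, the 18-week max-age threshold, the keep/drop policy and the sample list and headers are all assumptions constructed for illustration; the live per-domain fetch is replaced by a fixed header table so it runs offline.

```javascript
// Hypothetical helpers over constructed data; the threshold is an assumption.
const MIN_MAX_AGE = 60 * 60 * 24 * 7 * 18; // 18 weeks, in seconds
// Gitiles serves ?format=TEXT bodies base64-encoded; the decoded file is
// JSON with whole-line // comments, which JSON.parse rejects.
function parseChromiumList(base64Body) {
  const text = Buffer.from(base64Body, "base64").toString("utf8");
  const json = text.split("\n").filter((l) => !l.trim().startsWith("//")).join("\n");
  return JSON.parse(json).entries.filter((e) => e.mode === "force-https");
}

// Parse a Strict-Transport-Security value; null if absent or malformed.
function parseHstsHeader(value) {
  if (typeof value !== "string") return null;
  const out = { maxAge: null, includeSubDomains: false };
  const seen = new Set();
  for (const part of value.split(";")) {
    const [rawName, rawValue = ""] = part.split("=");
    const name = rawName.trim().toLowerCase();
    if (name === "") continue; // tolerate empty directives such as a trailing ";"
    if (seen.has(name)) return null; // a repeated directive makes the header invalid
    seen.add(name);
    if (name === "max-age") {
      const digits = rawValue.trim().replace(/^"(.*)"$/, "$1");
      if (!/^\d+$/.test(digits)) return null;
      out.maxAge = Number(digits);
    } else if (name === "includesubdomains") { out.includeSubDomains = true; }
  }
  return out.maxAge === null ? null : out;
}

// Assumed policy: keep an entry only if the live header still backs it.
function stillQualifies(entry, headerValue) {
  const hsts = parseHstsHeader(headerValue);
  if (!hsts || hsts.maxAge < MIN_MAX_AGE) return false;
  return !entry.include_subdomains || hsts.includeSubDomains;
}
// Constructed sample: a list file plus the header each host is assumed to send.
const SAMPLE_LIST = Buffer.from(`// constructed sample, not real list data
{ "entries": [
  { "name": "a.example", "mode": "force-https", "include_subdomains": true },
  { "name": "b.example", "mode": "force-https", "include_subdomains": true },
  { "name": "c.example", "include_subdomains": true }
] }`).toString("base64");
const SAMPLE_HEADERS = {
  "a.example": "max-age=31536000; includeSubDomains; preload",
  "b.example": "max-age=300; includeSubDomains",
};
const verifiedNames = () => parseChromiumList(SAMPLE_LIST)
  .filter((e) => stillQualifies(e, SAMPLE_HEADERS[e.name])).map((e) => e.name);
```

Here b.example is dropped for its short max-age and c.example never enters the list because it has no force-https mode, which shows how a derived list can end up a subset of the Chromium one.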