It is common for sites to be hosted on the `www` subdomain. In that case, the user may never see HSTS for the parent domain.
The current best practice is to load a small resource (e.g. a 1x1 image) from www.example.com to example.com. It would be nice to have a standard place and format for this, e.g. an image near the top of the body, or a header tag with something like `rel=prime-hsts` that is guaranteed to be loaded per spec.
Note that Safari apparently ignores HSTS on subresources that are not "first-party", which basically means you can only use the 1-pixel probe on ancestor domains.
If we have a robust way for developers to implement this and for a simple program to check it (i.e. using just an HTML parser rather than a full-blown browser emulator), we can waive the "redirect to HTTPS first" requirement for https://hstspreload.appspot.com/
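One way to implement the "simple program using just an HTML parser" check described above, as an added example that is not part of the original issue or of the preload site's code. It walks a page's automatically fetched subresources with the standard-library HTML parser and reports those that load over `https` from an ancestor of the page's host (so the probe is first-party, which also respects the Safari caveat); the sample page and the function names are constructed for this example.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Tags and attributes that a browser fetches automatically while rendering.
SUBRESOURCE_ATTRS = {"img": "src", "script": "src", "link": "href", "iframe": "src"}


class _SubresourceCollector(HTMLParser):
    """Collects the URLs of automatically loaded subresources."""

    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        attr = SUBRESOURCE_ATTRS.get(tag)
        if attr is None:
            return
        value = dict(attrs).get(attr)
        if value:
            self.urls.append(value)


def is_ancestor(resource_host, page_host):
    """True when resource_host is a proper parent of page_host (example.com for www.example.com)."""
    return page_host.endswith("." + resource_host)


def find_hsts_probes(html, page_host):
    """Return subresource URLs that would prime HSTS on an ancestor domain of page_host.

    Only absolute https URLs whose host is an ancestor of page_host qualify; a plain
    http fetch or a third-party host would not set HSTS for the parent domain.
    """
    collector = _SubresourceCollector()
    collector.feed(html)
    probes = []
    for url in collector.urls:
        parsed = urlparse(url)
        if parsed.scheme != "https" or not parsed.hostname:
            continue
        if is_ancestor(parsed.hostname.lower(), page_host.lower()):
            probes.append(url)
    return probes


# Constructed sample page: one valid 1x1 probe plus two distractors.
SAMPLE_HTML = """<html><body>
<img src="https://example.com/hsts-prime.gif" width="1" height="1">
<img src="http://example.com/insecure.gif">
<script src="https://cdn.example.net/app.js"></script>
</body></html>"""
```

Running `find_hsts_probes(SAMPLE_HTML, "www.example.com")` returns only the https probe on the parent domain; the same page served from the apex `example.com` itself yields no probe, since there is no ancestor to prime.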
Comment 1 by lgar...@chromium.org, Feb 18 2017
Merged into: 626180
Status: Duplicate (was: Available)