Serve HTTP Strict Transport Security headers
libre.fm should be serving HTTP Strict Transport Security headers, and should probably be on the preload list as well. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security