Your website must set
SECURE_HSTS_PRELOAD in order to be submitted to Chrome's list of sites that are hardcoded as being HTTPS only.
preload to the HSTS header when
SECURE_HSTS_PRELOAD = True to facilitate this.
Browsers that use the HSTS preload list will perform HTTPS requests without your website first returning a response with a HSTS header.
If our GitHub code review bot spots this issue in your pull request it gives this advice: