Bypass HSTS on local dev sites

HTTP Strict Transport Security will BLOCK your dev site if it is using a self signed certificate. And once the browser has given you that, it remembers it, so fixing it doesn’t help until you fix Firefox/Chrome.

Firefox

  • Close any tabs
  • Ctrl + Shift + H (Cmd + Shift + H on Mac)
  • Find the site in question
  • Right click, forget about this site
  • Close and reopen browser
  • Add certificate exception this time 😎

Chrome

  • chrome://net-internals/#hsts
  • type the hostname into the Query Domain
  • If found, enter the domain in the Delete domain section 😎

 

Advertisements