Skip to content
/ NoLocalHSTS Public

Prevent HSTS for Localhost responses

9 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ericlaw1979/NoLocalHSTS

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
StoreAssets
StoreAssets
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
localhost.json
localhost.json
 
 
manifest.json
manifest.json
 
 

Repository files navigation

Note: This extension is not needed in Chrome 132+, because we've updated Chromium to ignore HSTS on localhost responses.

A simple extension that disables HSTS for localhost on every response.

You can install from the Chrome Web Store.

This helps prevent unexpected use of HTTPS for developers building a mix of HTTP and HTTPS services.

See e.g. https://issues.chromium.org/issues/41251622 and https://textslashplain.com/2020/02/26/can-i-in-the-new-edge/#:~:text=HSTS%20for%20localhost%20sites for discussion.

Note: This extension will remove any HSTS Record for localhost each time a https://localhost/* request is made. However, without such a HTTPS request, it cannot itself delete a HSTS rule that was set before the extension was installed. To manually delete any existing record, visit about://net-internals/#hsts, type localhost in the Delete domain security policies box, and click the Delete button: Manual Delete

About

Prevent HSTS for Localhost responses

Resources

Readme
Activity

Stars

9 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published