发表新帖
发表新帖

Chrome redirects .dev to https

前端 未结
关注
7 1279
萌比男神i
萌比男神i 2020-11-27 06:40

Suddenly Google Chrome redirects my virtual-host domain myapplication.dev to https://myapplication.dev. I already tried to go to

chrome://net-interna

相关标签:
7条回答
  • 闹比i
    2020-11-27 07:18

    For Firefox: you can disable the property network.stricttransportsecurity.preloadlist by visiting the address : about:config .

    For IE it seems to be still working .

    For Chrome, there is no solution, I think it's hardcoded in the source code.

    See that article : How to prevent Firefox and Chrome from forcing dev and foo domains to use https

    0 讨论(0)
  • 被撕碎了的回忆
    2020-11-27 07:23

    May be worth noticing that there are other TLD that are forced to https: https://chromium.googlesource.com/chromium/src.git/+/63.0.3239.118/net/http/transport_security_state_static.json#262

    google, dev, foo, page, app and chrome right now.

    0 讨论(0)
  • 心在旅途
    2020-11-27 07:26

    MacOS Sierra, Apache: After Chrome 63 forces .dev top level domains to HTTPS via preloaded HSTS phpmyadmin on my mac stop works. I read this and just edit /etc/apache2/extra/http-vhosts.conf file:

    <VirtualHost *:80>
  DocumentRoot "/Users/.../phpMyAdmin-x.y.z"
  ServerName phpmyadmin.localhost
</VirtualHost>

    and restart apache (by sudo /usr/sbin/apachectl stop; sudo /usr/sbin/apachectl start ) - and now it works on http://phpmyadmin.localhost :) . For laravel applications solution is similar.

    The nice thing is that using *.localhost top level domain when you set up new project you can forget about editing /etc/hosts.

    How cool is that? :)

    There's also an excellent proposal to add the .localhost domain as a new standard, which would be more appropriate here.

    UPDATE 2018

    Using *.localhost is not good - some applications will not support it like cURL (used by php-guzzle) - more details here. Better is to use *.local.

    0 讨论(0)
  • 春和景丽
    2020-11-27 07:27

    Check that link

    https://laravel-news.com/chrome-63-now-forces-dev-domains-https

    Based on this article by Danny Wahl he recommends you use one of the following: “.localhost”, “.invalid”, “.test”, or “.example”.

    0 讨论(0)
  • 感情败类
    2020-11-27 07:30

    There is no way to prevent Chrome (>= 63) form using https on .dev domain names.
    Google now owns the official .dev tld and has already stated that they will not remove this functionality.

    The recommendation is to use another tld for development purposes, such as .localhost or .test.

    More information about this update can be found in this article by Mattias Geniar.

    0 讨论(0)
  • 渐次进展
    2020-11-27 07:37

    This problem can't be fixed. Below is the reason:

    1. Google owns .dev gTLD
    2. Chrome forces HTTP to HTTPS on .dev domain directly within the source code.

    From the 2nd link below:

    ...
// eTLDs
// At the moment, this only includes Google-owned gTLDs,
// but other gTLDs and eTLDs are welcome to preload if they are interested.
{ "name": "google", "include_subdomains": true, "mode": "force-https", "pins": "google" },
{ "name": "dev", "include_subdomains": true, "mode": "force-https" },
{ "name": "foo", "include_subdomains": true, "mode": "force-https" },
{ "name": "page", "include_subdomains": true, "mode": "force-https" },
{ "name": "app", "include_subdomains": true, "mode": "force-https" },
{ "name": "chrome", "include_subdomains": true, "mode": "force-https" },
...

    References

    • ICANN Wiki Google
    • Chromium Source - transport_security_state_static.json
    0 讨论(0)
 看不清?
提交回复
热议问题