-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Shaun Donnelly
committed
Jun 27, 2016
1 parent
cecdf2c
commit 583bf56
Showing
1 changed file
with
29 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
--- | ||
layout: post | ||
title: "How To Bypass Chrome's HSTS Warnings" | ||
date: 2016-06-27 12:00:00:00 | ||
author: shaun | ||
categories: Chrome Security | ||
--- | ||
# Background | ||
|
||
In Chrome, when you're using a self signed SSL certificate | ||
you'll sometimes see a warning message that you have to click through before | ||
being allowed on to your page. | ||
|
||
Newer versions of Chrome take this further, where if your self signed certificate | ||
is super out of date, you don't even get the option to click through and ignore | ||
the message. | ||
|
||
# The Workaround | ||
|
||
First of all, please note that you should only ever use this on servers you | ||
control and are absolutely sure are not compromised. These warnings are there | ||
for a reason. | ||
|
||
Having said that, if you're reading this you're probably a web developer and know | ||
what you're doing. | ||
|
||
The simple workaround here is just to type `badidea` anywhere into the page. The | ||
page will load as normal, and it will continue to do so as long as your session | ||
continues. |