Headless chromium should have an option to suppress HSTS
Reported by
dylan.ay...@getcruise.com,
Jun 15 2018
|
||||
Issue descriptionUserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36 Steps to reproduce the problem: 1. Chromium has a few options to surpress HSTS, chrome://net-internals/#hsts, typing "this is unsafe" etc... 2. Headless Chromium (to the best of my knowledge) has no flag or setting to disable HSTS 3. In order to visit insecure websites or subdomains with HSTS set in headless mode, I need to suppress HSTS What is the expected behavior? There should be a way to suppress HSTS in headless Chromium What went wrong? There is no way I know of to suppress HSTS in headless mode Did this work before? N/A Does this work in other browsers? N/A Chrome version: 66.0.3359.117 Channel: n/a OS Version: OS X 10.13.3 Flash Version:
,
Jun 17 2018
,
Aug 27
Just wondering if there's any updates on this, if it's ever planned, etc?
,
Oct 17
Thanks for filing the issue! The issue seems to be related to Headless chromium hence adding label TE-NeedsTriageHelp and requesting someone from respective team to have a look into this and help in further triaging it. CC'ing one of the developers from "Internals>Headless" team, caseq@ for more inputs.
,
Oct 17
|
||||
►
Sign in to add a comment |
||||
Comment 1 by kapishnikov@chromium.org
, Jun 15 2018