The development on chrome has become harder and harder, my react application on localhost is not working because its been hosted on http://localhost:3000. It works in Firefox
I know chrome is getting smart and preventing from loading insecure content by changing to https, but that's painful for testing in localhost
I know we can fix this by disabling some feature in chrome://flags/, can someone tell me which one is it and can I just do it for localhost. Chrome version Version 79.0.3945.130
The flag to check is allow-insecure-localhost.
Check out this answer also: https://superuser.com/questions/772762/how-can-i-disable-security-checks-for-localhost
Edit: You're using the wrong tag as it's not a React related question, also as I'm reading again the question it's unclear if your problem is that you're being redirected from http to https, or you're having some CORS related problem or something else.
Related
I'm running a Spring Boot application with an Angular 6 front end, on a Windows 8 server with IIS 8.5 set up as the reverse proxy (redirecting the site URL to localhost:8090) Originally I had a problem where all the PUT requests from the front end return 403, but only with Chrome and Safari, not Firefox. GET and POST requests are fine.
I am not an expert on setting up IIS, or proxy servers, by my guess is that this was because IIS was stripping out the headers that allowed CORS requests, and possibly other headers as well.
This original problem I fixed on the unsecure site, with the help of this SE: Modifying headers with IIS7 Application Request Routing
However, now the same thing is happening on the HTTPS secure site, and I don't understand what setting I should change to make this work as well.
I would also like to better understand the reason why this is failing on the secure site but not the unsecure site, and also why it fails on Chrome but not Firefox.
Cannot work with firebase projects locally (I guess after Chrome auto-update). I guess it's not firebase related but Google services in general.
I get CORS error despite the fact I don't use it. CORS extension is disabled.
Error: https://securetoken.googleapis.com/v1/token?key=AIzaSyB2rVH5oURUwciXasOeGlTNW7Lye6naCn0: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'https://localhost:3000' that is not equal to the supplied origin. Origin 'http://localhost:3000' is therefore not allowed access.
I have tested Safari and it works, so the issue is Chrome related
I'm not an expert on this topic, but as far as I understand Chrome restricted http stuff even more.
I couldn't use https://localhost:3000 as there was no https server
I run webpack server for my js code and I've found solution to set HTTPS=true environment variable and it will enable the https option in webpack dev server.
Chrome doesn't respect such SSL certificate, but if you click Advanced -> Proceed then everything works and I don't get CORS issue any longer.
It may be a better option to generate some SSL certificate that Chrome respects so that you don't have to click Advanced -> Proceed every time, but I'm good with this for now as I can continue working on my projects.
The application is working on my Local Tomcat server. For some pages Firefox suspends, the status shows "Waiting for gg.google.com". The same page is easily achieved by Chrome.
Also, I need to mention that some icons with URLs on the Web page are not present in my server, so Firefox is losing time trying to get them
Yes, as Olaf Knock hinted, disabling JavaScript debugging in Firebug solved the problem. See https://briancaos.wordpress.com/2009/07/01/waiting-for-gg-google-com/
I made a web page, its hosted on a server with no ssl support (nor does it need any). Anyways, all was well when I handed it over couple weeks ago but since yesterday something weird started happening.
On some computers (like half that I've tried), chrome automatically redirects the website to https which doesn't work so you get the warning page. I tried emptying the browser cache, restarting the browser, reinstalling the browser but it still happens, when i do a clean install and type in http://mysitename.com it still goes to https://mysitename.com, and only on those computers, I just don't get it.
On the flipside, on the computers where the page works fine, when I type in the https url into chrome, it goes to the http page, as it should.
What could be going on here?
Chrome added a "HTTPS: 1" header by default in its last version.
As a result, Chrome asks your server to respond with the HTTPS version if available.
=> You have either to disable the SSL mod on your server, or to deploy a valid certificate on it.
Wow, would have been nice to hear about this. I had the site working fine on Thursday night (no SSL installed) and by Friday, Chrome (and only Chrome) is showing it as a security risk (on antivirus) because it's redirecting to wrong domain.
I've tried all the fixes. Now I guess it's SSL or nothing?
my company's website is experiencing problems with Chrome when users use POST actions (forms and XHR) over https. In most cases the response never arrives. The app server logs the responses as 200, though.
The problem never occurs with local (non-https) instances, and I can only reproduce it with certain settings (typically access from inside firewalled networks).
Did that problem occur to anybody else ? Maybe Chrome has problems with SSL handshakes over such firewalled settings ?
Edit:
The problem could be solved by updating lighttpd to the latest version.
The problem could be solved by updating lighttpd to the latest version.