hsts

Security is important. But sometimes it’s important, too, to be productive, for example during work hours. Maybe at a trusted customer site with a restrictive security policy to intercept all HTTPs-Traffic using a customer-provided certificate which never fits to the visited web-sites. Most of my technical research jobs using Google aren’t secret, otherwise I won’t pass them to Google, so HSTS for at least Google-Sites doesn’t makes sense in these cases. Google knows that and invented the no-HSTS-Switch: –ignore-certificate-errors Thank you!Read More →