22
uyouthe
27d

When a website has a messed up certificate and it’s so bad that there is no “proceed anyway” button, JUST TYPE “thisisunsafe” AND THE WEBSITE WILL FUCKING LOAD ANYWAY

works in chrome

Comments
  • 5
    Finally a cheat-code that works in real life.
  • 4
    Keep in mind that this IS unsafe and make sure you know what you're doing. AFAIR the only case when Chrome won't show the "Proceed anyway" button is when HSTS fails, ie. the website has previously promised that it will always by certified by such-and-such and it's breaking this promise now. That's way worse than just a bad cert and it's quite likely to actually be a MITM attack.
  • 0
    @gronostaj that’s on user to decide
  • 3
    Most users are not knowledgeable enough to make an informed decision and used to clicking away any error messages without even reading them. It's useful to know this trick, but please don't share it with your non-techy friends.
  • 0
    @gronostaj I don’t think my non-techy friends even know about devrant, especially since I don’t include my rants into my newsletter
  • 0
    @gronostaj HSTS kinda sucks. Netlify automatically puts you on the registry if you enable HTTPS so now my domain is screwed if I want to move to a different host. So thanks, I guess...
  • 0
    @gronostaj or a cert issue, such as "my clock is very wrong" or "i'm trying very hard to use the web on 2000/XP"
  • 0
    @Parzi For cert issues other than HSTS violation a bypass button is shown.
  • 0
    @gronostaj on something with expired system certs you still hit HSTS errors, yes, even if the cert given by the site would be valid.
Add Comment