sk1llfull February 2016

Using 'badidea' word to bypass Chrome certificate/HSTS error

Sometimes Chrome doesn't allow you to visit certain sites and throwing certificate/HSTS error, I've found that typing 'badidea' in Chrome window (without apostrophes) will tell Chrome to skip certificate validation, etc.

My question: does this solution work only for specific site or Chrome will not throw certificate/HSTS errors for all other sites after I've used this keyword?

Answers


BazzaDP February 2016

I think, from memory, you have to use it each time you want to pass each site. So think it's relative to that site and that session. Closing the browser and revisiting the same site should show the same error.

Needless to say use of this "feature" is a bad idea - hence the name. You should find out why the site is showing the error and/or stop using it until they fix it. HSTS specifically adds protections for bad certs to prevent you clicking through them. The fact it's needed suggests there is something wrong with the https connection - like the site or your connection to it has been hacked.

Post Status

Asked in February 2016
Viewed 2,890 times
Voted 7
Answered 1 times

Search




Leave an answer