Add --insecure flag to ignore certificate errors

[zgolus]

Adds a --insecure (or -k) flag to the start command for accessing HTTPS sites with self-signed or invalid certificates.

Useful when testing against local development servers or internal services with custom CAs.

Usage

rodney start --insecure
rodney open https://localhost:8871/account/settings

Without the flag, you get ERR_CERT_AUTHORITY_INVALID. With it, the page loads.

Changes

• Added --insecure/-k flag that sets Chrome's --ignore-certificate-errors
• Updated help text
• Test added that verifies cert validation fails without the flag and succeeds with it
• The flag is also auto-enabled when using an authenticated proxy (preserves existing behavior)

[simonw]

I had Claude knock out a quick Go test server that uses a self-signed certificate: https://gist.github.com/simonw/29f72b400110cfcdfbfccf2847c7338a

Run like this:

git clone https://gist.github.com/simonw/29f72b400110cfcdfbfccf2847c7338a
cd 29f72b400110cfcdfbfccf2847c7338a
go run .

Starts a server here:

https://localhost:8443

Then you can:

curl 'https://localhost:8443'

curl: (60) SSL certificate problem: self signed certificate
More details here: https://curl.se/docs/sslcerts.html

But this works:

curl -k 'https://localhost:8443'

Hello over HTTPS!

[simonw]

Testing manually against that server:

rodney % ./rodney start
Chrome started (PID 64987)
Debug URL: ws://127.0.0.1:54046/devtools/browser/342e9162-7b58-436a-aea2-fd0f8f9d00f4
rodney % ./rodney open https://localhost:8443
panic: navigation failed: net::ERR_CERT_AUTHORITY_INVALID

goroutine 1 [running]:
github.com/go-rod/rod/lib/utils.init.func2({0x104e7ccc0?, 0x1400020c340?})
	/Users/simon/go/pkg/mod/github.com/go-rod/rod@v0.116.2/lib/utils/utils.go:68 +0x24
main.connectBrowser.New.(*Browser).WithPanic.genE.func1({0x1400020c3b0?, 0x16b68f56e?, 0x16?})
	/Users/simon/go/pkg/mod/github.com/go-rod/rod@v0.116.2/must.go:36 +0x68
github.com/go-rod/rod.(*Browser).MustPage(0x140000007e0, {0x14000157e58?, 0x104accad4?, 0x3?})
	/Users/simon/go/pkg/mod/github.com/go-rod/rod@v0.116.2/must.go:71 +0xec
main.cmdOpen({0x1400001e140?, 0x104781b88?, 0x7001010521c800?})
	/Users/simon/dev/rodney/main.go:420 +0x160
main.main()
	/Users/simon/dev/rodney/main.go:135 +0x2d4

Then with the new option:

rodney % ./rodney stop
Chrome stopped
rodney % ./rodney start --insecure           
Chrome started (PID 68457)
Debug URL: ws://127.0.0.1:54070/devtools/browser/c0ebf86e-81d9-49d4-96ec-654f535ce6a3
rodney % ./rodney open https://localhost:8443
localhost:8443
rodney % ./rodney html
<html><head><meta name="color-scheme" content="light dark"></head><body><pre style="word-wrap: break-word; white-space: pre-wrap;">Hello over HTTPS!
</pre></body></html>
rodney % ./rodney stop
Chrome stopped

Worked perfectly.