You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Jul 15, 2022. It is now read-only.
After running site and generating the root certificates the localhost domain was added to the ~/Library/Cookies/HSTS.plist file which forces then the OS to always use https on localhost, even when site.js is not running.
My solution was to:
Kill nsurlstoraged service
$ sudo killall nsurlstoraged
Remove the HSTS.plist file (via terminal or via finder directly)
If you're running macOS Mojave (10.14) or Catalina (10.15) you need to enable full disk access for your Terminal app before the instructions above will work.
Open Security and Privacy in System Preferences.
Go to the Privacy tab.
Click the lock in the bottom left corner to authenticate.
Select Full Disk Access from the list on the left.
Add and select your Terminal app in the list on the right.
@joaomvfsantos Thank you for writing this up and sharing the workaround and @adrianshort thank you for the macOS-specific prerequisites; appreciate it :)
This is due to Site.js using Helmet for localhost servers as well as for servers at hostname and HTTP Strict Transport Security (HSTS) is enabled by default in the current version. The next version, which I’m going to take a look into seems to take a piecemeal approach from the start.
Disabling HSTS for localhost servers should be a good idea.
In fact, unless I’m missing something, I’m not actually sure we should even be using Helmet at all for localhost servers…
Was just bitten by this after testing site.js, all the localhost:8008 dev URLs (for other projects) stopped working.
On top of @joaomvfsantos and @adrianshort 's solution, I also had to clear Chrome's memory of the setting. To do this went to chrome://net-internals/#hsts, and in the "delete" section typed "localhost". 😅
I started using site today and I'm really liking it, but this issue is kind of annoying.
After developing a bit my site website (which will be my personal website), I have to clear the https setting, otherwise I cannot work on work-related projects that I need to run on various localhost:3000 etc. while developing.
Is there a way to develop with site that doesn't change this setting for localhost?
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
After running
site
and generating the root certificates thelocalhost
domain was added to the~/Library/Cookies/HSTS.plist
file which forces then the OS to always use https on localhost, even when site.js is not running.My solution was to:
$ rm -f ~/Library/Cookies/HSTS.plist
The text was updated successfully, but these errors were encountered: