[bug] HTTP Strict Transport Security (hsts) not editable
-
Sometimes, pinned certificates are blocking senseful work when developing against APIs etc. on a staging server. In Chrome, there is a feature where I can edit the pinned certificates.
If I open vivaldi://net-internals/#hsts , the editor opens, but if I delete a pinned certificate because I need to do this for developing, nothing happens. Certificate is still pinned.
I understand the sense of this function for normal users, but this blocks my work as developer (and btw. I absolute hate to get patronized by software I'm using!).
-
there are some sites like google.com youtube.com which are fixed and can't be deleted, I tried to delete some of mine which I added to force always https and they got deleted. I'm using latest snapshot.
-
@Gwen-Dragon said in [bug] HTTP Strict Transport Security (hsts) not editable:
Works in 1.7.725.3
The latest version I can download is 1.7.721.3 where I cannot delete the pinned certificate for i.e. facebook.com - If I delete the certificate for the domain and do a query, the pinned certificate is still there.
As I'm developing against one of their APIs and FB told me that my application is causing too much load and threaten to block my application, I need to tamper some requests (precisely: using debug proxies like Fiddler4 and re-routing them to my staging server where some debugging scripts are running) as I don't have any clue what happens "on the wire". Within my JS console, everything looks okay.
If I try to do so, Vivaldi is refusing to load anything of the page at all. A warning with a "continue anyway" button would be what I expect, but in this way, Vivaldi is blocking me to do my job!
-
Hi, no idea about the certificate stuff but:
Last version is always on Blog page.
Cheers, mib
-
Ppafflick moved this topic from Vivaldi for Windows on
