I am building an Express.js app locally. In order to test this in something other than localhost, I added the following entry to my hosts file:
127.0.0.1 mynewapp.dev
Without even starting the app, I accidentally tried http://mynewapp.dev:3000
(this is where I intended the app to run), in Chrome. To my surprise Chrome redirected me to https://mynewapp.dev:3000
.
Headers in the browser's console show:
General:
- Request URL:
http://mynewapp.dev:3000/
- Request Method: GET
- Status Code: 307 Internal Redirect
- Referrer Policy: no-referrer-when-downgrade
Response Headers:
- Location:
https://mynewapp.dev:3000/
- Non-Authoritative-Reason: HSTS
Request Headers:
- Provisional headers are shown
- Upgrade-Insecure-Requests: 1
- User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
- Gecko) Chrome/68.0.3440.106 Safari/537.36
- X-DevTools-Emulate-Network-Conditions-Client-Id: 23A0CBD658A51DF4CA3B25A263078DA4
How did this happen? I have got no software redirecting the request, and my app isn't even running!
I am using:
- Chrome Version 68.0.3440.106 (Official Build) (64-bit)
- Windows 10 Enterprise
However this does not happen in:
- Microsoft Edge 40.15063.674.0 (Shows Error Code: INET_E_RESOURCE_NOT_FOUND)
- IE 11 (Shows Error Code: INET_E_RESOURCE_NOT_FOUND)
To answer the comments:
curl -I http://mynewapp.dev:3000
gets stuck and shows nothing.I also tried
chrome://net-internals/#events
, and found the request. This is what I saw:100382: URL_REQUEST http://mynewapp.dev:3000/ Start Time: 2018-08-17 07:32:03.853 t=16751 [st= 0] +REQUEST_ALIVE [dt=1007] --> priority = "HIGHEST" --> url = "http://mynewapp.dev:3000/" t=16751 [st= 0] +URL_REQUEST_DELEGATE [dt=1] t=16751 [st= 0] DELEGATE_INFO [dt=1] --> delegate_blocked_by = "extension AdBlock" t=16752 [st= 1] -URL_REQUEST_DELEGATE t=16752 [st= 1] +URL_REQUEST_START_JOB [dt=6] --> load_flags = 18432 (MAIN_FRAME_DEPRECATED | MAYBE_USER_GESTURE) --> method = "GET" --> url = "http://mynewapp.dev:3000/" t=16752 [st= 1] URL_REQUEST_REDIRECT_JOB --> reason = "HSTS" t=16752 [st= 1] URL_REQUEST_FAKE_RESPONSE_HEADERS_CREATED --> HTTP/1.1 307 Internal Redirect Location: https://mynewapp.dev:3000/ Non-Authoritative-Reason: HSTS t=16752 [st= 1] +URL_REQUEST_DELEGATE [dt=6] t=16752 [st= 1] DELEGATE_INFO [dt=6] --> delegate_blocked_by = "MojoAsyncResourceHandler" t=16758 [st= 7] -URL_REQUEST_DELEGATE t=16758 [st= 7] URL_REQUEST_REDIRECTED --> location = "https://mynewapp.dev:3000/" t=16758 [st= 7] -URL_REQUEST_START_JOB t=16758 [st= 7] +URL_REQUEST_DELEGATE [dt=0] t=16758 [st= 7] DELEGATE_INFO [dt=0] --> delegate_blocked_by = "extension AdBlock" t=16758 [st= 7] -URL_REQUEST_DELEGATE t=16758 [st= 7] +URL_REQUEST_START_JOB [dt=1000] --> load_flags = 18432 (MAIN_FRAME_DEPRECATED | MAYBE_USER_GESTURE) --> method = "GET" --> url = "https://mynewapp.dev:3000/" t=16759 [st= 8] URL_REQUEST_DELEGATE [dt=0] t=16759 [st= 8] HTTP_CACHE_GET_BACKEND [dt=0] t=16759 [st= 8] HTTP_CACHE_OPEN_ENTRY [dt=0] --> net_error = -2 (ERR_FAILED) t=16759 [st= 8] HTTP_CACHE_CREATE_ENTRY [dt=0] t=16759 [st= 8] HTTP_CACHE_ADD_TO_ENTRY [dt=0] t=16759 [st= 8] +HTTP_STREAM_REQUEST [dt=999] t=16759 [st= 8] HTTP_STREAM_JOB_CONTROLLER_BOUND --> source_dependency = 100392 (HTTP_STREAM_JOB_CONTROLLER) t=17758 [st=1007] HTTP_STREAM_REQUEST_BOUND_TO_JOB --> source_dependency = 100393 (HTTP_STREAM_JOB) t=17758 [st=1007] -HTTP_STREAM_REQUEST t=17758 [st=1007] -URL_REQUEST_START_JOB --> net_error = -102 (ERR_CONNECTION_REFUSED) t=17758 [st=1007] URL_REQUEST_DELEGATE [dt=0] t=17758 [st=1007] -REQUEST_ALIVE --> net_error = -102 (ERR_CONNECTION_REFUSED)
- Cleared the host cache from
chrome://net-internals/#dns
. Did not work. - Stopped all Chrome extensions. No change in behavior.
chrome://net-internals/#events
. But can't make head or tails of it. Will do some research. Thanks..dev
Dupe superuser.com/a/1276430 and superuser.com/a/1251483 also stackoverflow.com/questions/47768289 and stackoverflow.com/questions/47735877 and stackoverflow.com/questions/47707124 and stackoverflow.com/questions/47754347