Localhost connection automatically upgrades to HTTPS

Description of the issue:
I’m a web developer and debug localhost applications all the time.
Not that long ago, an issue with localhost connections has began causing the connections being upgraded to HTTPS, which renders the applications unreachable. There’s no way to downgrade, neither via disabling the HTTPS upgrade in the browser options, nor disabling the Brave Shields (that one’s disabled for localhost and supposed to use default browser settings).
This makes me require using a Chrome browser for debugging applications, which is quite annoying, as Brave is my default browser.

How can this issue be reproduced?

  1. Run a localhost application (I’m using IIS Express via Visual Studio)
  2. The connection is upgraded to HTTPS automatically and loading fails.
  3. Try disabling HTTPS connection upgrade in the browser settings, and see that it does nothing on trying to reconnect to localhost app over HTTP (still automatically upgrades to HTTPS)
  4. Open the same URL without HTTPS in another browser - it’s functional.

Expected result:

It should be possible to avoid the auto upgrade to HTTPS for localhost applications.

Brave Version:

v1.41.96

@comaunite

1 Like

Dang, turned out that was the case.
I cleared policies for “localhost” domain via brave://net-internals/#hsts and then found one webapp that did set HSTS tag for the default Debug configuration.
Got that fixed and now it’s not redirecting.

Thanks

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.