How to Stop Chrome from Automatically Redirecting to https
What you'll need
If you ever visited the
https version of a website (whether it resolved or not), Google Chrome might repeatedly send you to that version. In other words,
http://local.howchoo.com:4000 continually redirects you to
Why this happens
This is a secure caching issue where Chrome erroneously caches the redirect the first time you visit the secure version of a site—even if the site doesn’t have a valid SSL/TLS certificate.
A pain in local development
This is a major problem in local development where you’re often coding in a non-secure environment.
This short guide will show you how to remove the automatic redirect to
https in Chrome, fixing the issue.
1 – Open HSTS settings in net-internals in Chrome
In a new browser tab, go to
chrome://net-internals/#hsts. This is the configuration area for HSTS.
What is HSTS?
According to Google Chrome, an HSTS is HTTP Strict Transport Security—a way for sites to elect to always use HTTPS.
2 – Delete domain security policies for the domain
Scroll down to “Delete domain security policies” and enter the root domain that’s causing you issues. For example, I entered
howchoo.com to prevent the domain from automatically redirecting to https.
Then, click the Delete button.
3 – Visit the website to test
http version of the URL that was giving you problems. You should no longer get redirected.
Still getting redirected?
If you’re still getting redirected, try clearing your browser cache by navigating to
Chrome > Settings > Privacy and security (or by visiting
chrome://settings/privacy in your browser) and clear your browsing data.
How to Clear Your Browser Cache for Any Browser
Trouble loading web pages? Try clearing your cache!
You can also clear data just for the specific domain by visiting the domain in your browser by navigating to
View > Developer > Developer Tools > Application > Clear storage and then clicking the Clear site data button.