112
votes
Accepted
Why does typing an IP address instead of the corresponding domain name not show the website?
Because the proper HTTP Host header is often required to actually get the intended site.
It's very common to host multiple web sites on the same IP address and distinguish between them based on the ...
- 36k
108
votes
Accepted
Chrome S3 Cloudfront: No 'Access-Control-Allow-Origin' header on initial XHR request
You're making two requests for the same object, one from HTML, one from XHR. The second one fails, because Chrome uses the cached response from the first request, which has no Access-Control-Allow-...
- 23.3k
84
votes
Accepted
Site is accessible by domain in all browsers but Chrome
Your problem is because you are using a .dev domain.
The entire .dev top-level domain (TLD) is on the HSTS preload list and that means you must access it using HTTPS. According to your nginx config ...
- 3,222
28
votes
Accepted
SSL certificate in system store not trusted by Chrome
In Ubuntu, Chrome uses its own certificate store. You can import your RootCA.crt in Chrome's
settings -> privacy and security -> manage security keys -> manage certificates -> authorities
Note that ...
- 396
18
votes
Accepted
why Chrome browser doesn't recognize my nginx http2 server?
As per my answer on StackOverflow:
Will likely be one of two reasons:
You are using anti-virus software and it is MITM your traffic and so downgrading you to HTTP/1.1. Turn off https traffic ...
- 4,756
14
votes
Why does typing an IP address instead of the corresponding domain name not show the website?
Because usually web servers use "virtual server" technology and are able to answer on your HTTP request within exactly the domain name you request, but not the IP address of the web servers. Thanks to ...
- 149
12
votes
Wildcard *.localhost SSL with Nginx and Chrome
So ultimately the answer seems to be that you simply can't create a certificate for *.localhost that Chrome will accept.
My solution was to change to using *.dev.localhost instead, which worked a ...
- 515
11
votes
Refused to frame '' because it violates the following Content Security Policy directive: "frame-src *"
Had exactly that problem today.
I solved it by using
frame-src data:
Btw. '*' is only a wildcard for urls. data: 'unsafe-inline' and 'unsafe-eval' have to be added individually.
- 111
10
votes
Why does typing an IP address instead of the corresponding domain name not show the website?
In Apache, you can host many websites using just one single IP address. This is called virtual hosting. It's how subdomains can be created, even standalone domains. This is done by setting up an ...
- 219
10
votes
Accepted
nginx conf: http2 module not working in Chrome in ubuntu 18.04
I suspect it’s this:
# Avoid mime type sniffing
add_header X-Content-Type-Options: nosniff;
HTTP/2 is a bit more strict about HTTP Headers than HTTP/1.1 was and in this header, unlike your others, ...
- 4,756
8
votes
Why does typing an IP address instead of the corresponding domain name not show the website?
I like to use the "house" terminology.
You can quite easily send a letter to a house without a name on it and it'll arrive at the house.
If you put the person's name on it then you're sending to the ...
- 173
7
votes
Chrome S3 Cloudfront: No 'Access-Control-Allow-Origin' header on initial XHR request
As of Nov 2021, CloudFront directly supports Response Headers Policies. These include CORS, security and custom headers. There is no need to inject custom headers via Lambda@Edge or CloudFront ...
- 71
6
votes
Chrome S3 Cloudfront: No 'Access-Control-Allow-Origin' header on initial XHR request
I think the accepted answer here is outdated and din't work for me in any case.
I used the "CORS-with-preflight-and-SecurityHeadersPolicy" managed by AWS and that solved my CORS issues
...
- 61
5
votes
Accepted
Chrome desktop and android refuses to accept trusted self-signed cert
Chrome requires SAN. For two years now, Chrome has used the Subject Alternative Name (SAN) extension in a certificate, NOT the CommonName (CN) attribute in the Subject as was used last century. (Other ...
- 3,690
4
votes
I've switched back from HTTPS to HTTP now the page doesn't load in Chrome
You probably either had permanent redirect from HTTP to HTTPS, or you had HTTP strict transport security (HSTS) enabled which are still in your cache.
As far as I know clearing your cache should work ...
- 82.5k
4
votes
Accepted
Chrome Self-Signed Wildcard Certificate Error
You need to recreate the certificate and assign a SubjectAltName. This works for me on OSX 10.11.6 with Brew:
openssl req -x509 -sha256 -nodes -days 3650 \
-newkey rsa:2048 -keyout visible.priv.key \ ...
- 156
4
votes
Authenticate to LXD rest API over network , certificate auth keeps failing
Going thru a lot of trial and errors. I have finally stumbled upon this Link. It's part of Configuration of LXD works just perfectly. Below are the steps I followed.
Install ZFS , LXD and then do ...
- 163
4
votes
Accepted
403 - Forbidden: Access is denied in Chrome
You have accidentally configured client authentication on your IIS server. The server now expects your browser to send a certificate to the server in order to authenticate you.
Start the IIS ...
- 5,219
4
votes
Accepted
NET::ERR_CERT_COMMON_NAME_INVALID in Chrome but not in IE
Your certificate is missing the Subject Alternate Name (SAN) entries.
Modern browsers require that the SAN is present, even if it it only contains the common name. Recreate your certificate with a SAN ...
- 26k
4
votes
Apache2 SSL handshake failure with Chrome
We clearly see that Apache cannot find any common cipher algorithm ...
Not at all. We clearly see Apache (really OpenSSL) cannot find any suitable signature algorithm aka sigalg. That is completely ...
- 3,690
3
votes
How to throttle Chrome's CPU usage?
There's no native way to throttle CPU usage, but you can set process affinity to only one core.
One way to do this via Group Policy is to deploy a scheduled task. If you only have one server, you can ...
- 51.4k
3
votes
Accepted
How do I redirect the Google Chrome appdata/local folder?
Do you try Set user data directory policy?
It documented here
And there list of available path variables
In your case it is useful variable ${roaming_app_data}
- 3,323
3
votes
Accepted
Why would Chrome ignore the X509v3 Subject Alternative Name in my cert?
Chrome 67 is pretty old, but your cert has TWO BasicConstraint extensions which violates RFC5280 4.2, and if I replicate that error (by hand!) my up-to-date 71.0.3578.98 exhibits the same symptoms: ...
- 3,690
3
votes
Accepted
What can the cause be of very sporadic "ERR_CERT_AUTHORITY_INVALID" message?
does this mean the workplace most likely intercepts their communication
this is what I would put on top of other potential reasons. They should check who is the issuer of presented invalid ...
- 7,307
3
votes
Feedback on Using Chrome on RDS Hosts
Your question is a bit subjective. Does it work well? That depends on how you need to use it. Does it work as well with their GPO templates? It depends on what you need to manage via GPO.
Chrome ...
- 111k
3
votes
Accepted
What is the circle icon in Chrome's Network tab?
That's probably a request from a service worker. They reference it as a gear. Cog/gear... What is the difference? Please don't down vote.... I know the difference....
A service worker is a type of ...
- 131
2
votes
Chrome Group Policy - disable spell check
There are group policy settings now available to control this feature:-
In "Google" -> "Google Chrome" there are now 2 entries-
"Enable or disable spell checking web ...
- 21
2
votes
Accepted
Can't Get Any Browser to Prompt for A Client Certificate (Certificates on Apache)
I figured it out. In my Apache settings, I changed:
SSLCACertificatePath to ~~~~~~/ca/certs/ca.cert.pem
SSLVerifyDepth 1 to SSLVerifyDepth 10
And the most important thing I changed was I converted ...
- 51
2
votes
Configuring Google Chrome to Connect to AD Configured with Kerberos and Using ADFS
There are different configurations for using the "system logon credentials" (Kerberos authentication mechanism) for Chrome and Firefox.
Chrome
To config chrome you need to start the application the ...
- 361
2
votes
I've switched back from HTTPS to HTTP now the page doesn't load in Chrome
Your site most probably issues HSTS headers to visitors, which tell the browser that the site should always be loaded with https. The browsers remember these header settings for each site, and refuse ...
- 38.3k
Only top scored, non community-wiki answers of a minimum length are eligible