To bypass a Chrome certificate/HSTS error, you can type ‘badidea’ (previously ‘thisisunsafe’) without quotes (this might change in the future)
Posted by jpluimers on 2021/11/11
For expired or self-signed certificates with an untrusted chain, you might want to by base the Chrome certificate/HSTS error message.
Instead of clicking a few times, you can also type ‘badidea’ (this used to be ‘thisisunsafe’ and might change again someday).
Based on: [WayBack] security – Does using ‘badidea’ or ‘thisisunsafe’ to bypass a Chrome certificate/HSTS error only apply for the current site? – Stack Overflow
Found via [WayBack] KPN-klanten kunnen Experiabox V10A niet benaderen door verlopen certificaat – Computer – Nieuws – Tweakers
Source code that handles this: [WayBack] components/security_interstitials/core/browser/resources/interstitial_v2.js – chromium/src – Git at Google
/** * This allows errors to be skippped by typing a secret phrase into the page. * @param {string} e The key that was just pressed. */ function handleKeypress(e) { var BYPASS_SEQUENCE = 'badidea'; if (BYPASS_SEQUENCE.charCodeAt(keyPressState) == e.keyCode) { keyPressState++; if (keyPressState == BYPASS_SEQUENCE.length) { sendCommand(SecurityInterstitialCommandId.CMD_PROCEED); keyPressState = 0; } } else { keyPressState = 0; } }
–jeroen
Leave a Reply