Visual Studio website is redirecting http to https when debugging

Question

I am having an issue with IIS express or Visual Studio 2013.

The site has NO https or ssl enabled or setup in the properties.

When I click debug, the site launches in the broswer and tries to load: http://localhost:61488/Default.aspx

it then for some reason gets automatically redirected to: https://localhost:61488/Default.aspx and I then get an Error code: ERR_SSL_PROTOCOL_ERROR in chrome

Im not quite sure what to do?

score 124 · Accepted Answer · edited Jul 27 '18 at 17:55

I believe this is caused by HSTS - see http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security

If you have (developed) any other localhost sites which send a HSTS header...

eg. Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

...then depending on the value of max-age, future requests to localhost will be required to be served over HTTPS.

To get around this, I did the following.

In the Chrome address bar type "chrome://net-internals/#hsts"
At the very bottom of a page is QUERY domain textbox - verify that localhost is known to the browser
If it is, DELETE the localhost domain using the textbox above
Your site should now work using plain old HTTP

This is not a permanent solution, but will at least get it working between projects. If anyone knows how to permanently exclude localhost from the HSTS list please let me know :)

Update - as pointed out in an answer below, you will likely need to clear the browser cache after performing the step above to get the browser to completely "forget" the HSTS info for localhost.

@jag then it's likely not to be HSTS, but something else as some of the other answers refer to. eg. RequireHttps attribute on Controller or a cached redirect. — BigJump, Oct 23 '15 at 10:50

score 29 · Answer 2 · answered Jun 09 '17 at 14:25

29

One problem that I ran into that is similar. I ran a HTTPS redirect, then after confirming it works via localhost, I took it out. After running the program again it continued to redirect my localhost. I then cleared my cache on the Chrome browser that VS was running. Everything went back to normal. ~ Visual Studios 2017

answered Jun 09 '17 at 14:25

Adam Martin

436
4
6

1

Yes! After removing HSTS code in web.config, Chrome continued redirecting to HTTPS unless cache was cleared. Thank you very much!! – Shiva Naru Jun 10 '17 at 01:01
1

This did the trick for me, too. It's weird, though. I didn't expect this to be a caching-issue since I haven't had any issues when switching from http to https. +1 – Alan Oct 11 '17 at 21:08

score 10 · Answer 3 · edited Feb 18 '16 at 21:42

10

Remove [RequireHttps] attribute above HomeController.

edited Feb 18 '16 at 21:42

stink

865
8
19

answered May 19 '15 at 00:20

Dmitry Stepanov

2,776
8
29
45

This could also be the issue, I do remember enabling it at some point in time – Zapnologica May 19 '15 at 09:03
What if you need RequireHttps in your site? – Christine Apr 07 '16 at 18:13

score 7 · Answer 4 · answered Jun 30 '17 at 13:48

7

Try clearing your browser cache if all else fails. I tried every solution noted above - perhaps they helped, but visibly everything returned to normal after clearing my browser cache.

answered Jun 30 '17 at 13:48

mbuchok

391
6
18

1

This worked for me! The project had been run once in Release, which forced HTTPS. After that, Chrome always did the redirect. Clearing the cache fixed the issue. – Synesthetic Symphony Jun 12 '19 at 20:41

score 1 · Answer 5 · answered Nov 25 '20 at 01:04

1

I had a redirect in the web config, even after changing this it was still redirecting. Deleting the .csproj.user file fixed the issue for me.

answered Nov 25 '20 at 01:04

Mick

6,527
4
52
67

Visual Studio website is redirecting http to https when debugging

5 Answers5

Linked