Chrome & Firefox now force .dev domains to HTTPS via preloaded HSTS

tl;dr: Chrome 63 (out since December 2017), will force all domains ending on .dev (and .foo) to be redirected to HTTPS via a preloaded HTTP Strict Transport Security (HSTS) header. Update 07/02/2018: Firefox now also forces .DEV domains to HTTPS. Wait, there’s a legit .dev gTLD? Yes, unfortunately. It’s been bought by Google as one … Continue reading Chrome & Firefox now force .dev domains to HTTPS via preloaded HSTS