This is absolutely horrible advice. You are literally saying 'it's ok to trust someone because they say they are trustworthy'. That is the worst security advice there is.
Where am I saying this?
I am afraid you totally misunderstood the point of this post. This has nothing to do with trust at all. It is not meant to be secure nor trusted.
It strictly works for localhost, and merely to satisfy Chrome while testing if your asset URLs are all https, all your cookies are secure etc.
This CANNOT be used in production, because as mentioned in the article, the domain points to 127.0.0.1. And even if I change the domain to another IP address, visiting it would be simply like visiting any URL on the vast web.
The link you cite has nothing to do with this post.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Where am I saying this?
I am afraid you totally misunderstood the point of this post. This has nothing to do with trust at all. It is not meant to be secure nor trusted.
It strictly works for
localhost
, and merely to satisfy Chrome while testing if your asset URLs are all https, all your cookies are secure etc.This CANNOT be used in production, because as mentioned in the article, the domain points to 127.0.0.1. And even if I change the domain to another IP address, visiting it would be simply like visiting any URL on the vast web.
The link you cite has nothing to do with this post.