So today I was trying to get SSL working on my machine with localhost. In the process I set the HSTS headers, telling the browser to never access the non-secure http:// version of localhost. Thus going to http://localhost:4000 would always fail as HSTS tells the browser to only access https://.
Here is how you can reset the cache Safari has for HSTS pinnings so you can access your local http://localhost again.
Open a terminal and follow those steps:
sudo killall nsurlstoraged
# or edit file, search for "localhost", remove it and then save
rm -f ~/Library/Cookies/HSTS.plist
launchctl start /System/Library/LaunchAgents/com.apple.nsurlstoraged.plist
You may have to restart Safari afterwards.
Discussion
Unfortunately, it doesn't work.
macOS 10.14.6 (18G95)
$ sudo rm -f ~/Library/Cookies/HSTS.plist
rm: /Users/yves/Library/Cookies/HSTS.plist: Operation not permitted
See osxdaily.com/2018/10/09/fix-operat... before following the instructions on this post.