How to handle ERR_INSECURE_RESPONSE in Google Chrome extension
- No, the extension API does not offer any method to modify SSL settings or behavior.
- You could use the
chrome.webRequest.onErrorOccurred
event to get notified of network errors. Theerror
property will contain the network error code.
For example:
chrome.webRequest.onErrorOccurred.addListener(function(details) { if (details.error == 'net::ERR_INSECURE_RESPONSE') { console.log('Insecure request detected', details); }}, { urls: ['*://*/*'], types: ['xmlhttprequest']});var x = new XMLHttpRequest;x.open('get','https://example.com');x.send();
If for testing only, just start Chrome with the --ignore-certificate-errors
flag to allow self-signed certificates to be used. This affects all websites in the same browsing session, so I suggest to use a separate profile directory for this purpose, by appending --user-data-dir=/tmp/temporaryprofiledirectory
to the command line arguments.
Another way to avoid the error in the first place is to get a valid SSL certificate. For non-commericial purposes, you can get a free SSL certificate at https://www.startssl.com.