[sph]

Which browser from this decade ignores HSTS completely?

[neurostimulant]

Chrome can actually bypass HSTS if you enter the super secret code in the security warning screen. The code is changed regularly though, you'll have to check chromium source code to get the current bypass code. (e.g. https://chromium.googlesource.com/chromium/src/+/refs/tags/1... )

Very useful for testing but don't make a habit to use it on some random websites.

[autoexec]

It works for me in firefox, but I've got it locked down pretty hard.

I have the following all set to false in about:config

  network.stricttransportsecurity.preloadlist
  dom.security.https_first
  dom.security.https_first_pbm
  browser.fixup.fallback-to-https

[stuartd]

Safari on iPadOS 16 loads that just fine for me.

I’d forgotten all about this site, don’t remember ever using it but I certainly heard of it.

[stuartd]

Haven’t managed to find a site (apart from HN) that it does allow yet!