Oops, didn't pick up on this - it works fine on my machine (without adding exception). I've removed the non-ssl redirect while I get it sorted. Thanks for the heads up :)
Intermediate certificates are easy to mess up, and they don't always show up for everyone as a problem.
Just thought I'd help out!
Test with `curl' is where I noticed it broken -- seems to work in Chrome, possibly because they cache intermediate certificates or something?
~% curl 'https://statuscoder.com/
curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
I'm not very familiar with X-Frame-Options and X-XSS-Protection headers. Do they actually do anything for errors or empty responses, or does this stack just add them by default?
A part of our core app at work pulls in data from a remote source and the other day the remote server was giving a 502. When I came to test it, everything was fine again but I fixed the problem and wanted to see how it reacted again to a 502. I thought it'd be nice to have something where I could specify a status code and get that code back.
This is a great idea ... Thanks for sharing your test rig. Obviously this can't really be ad supported so maybe a network of us could donate bandwidth if it becomes an issue.
