
I am trying to Dockerize my Django application. In my settings.py I have all my security settings set to False if DEBUG=True. I specifically print both f"DEBUG={DEBUG}" and f"SECURE_SSL_REDIRECT = {SECURE_SSL_REDIRECT}" at the bottom of my settings.py. But I am repeatedly getting the message "You're accessing the development server over HTTPS, but it only supports HTTP." What gives? I have seen some other questions that indicate this variable is causing the problem, but that does not seem to be the case for me as it is most definitely set to False.

settings.py

# SITE SECURITY (security)
if DEBUG is False:
    CSRF_COOKIE_SECURE = True
    SECURE_CONTENT_TYPE_NOSNIFF = True
    SECURE_BROWSER_XSS_FILTER = True
    SESSION_COOKIE_SECURE = True
    X_FRAME_OPTIONS = 'DENY'
    SECURE_SSL_REDIRECT = True
    SECURE_HSTS_SECONDS = 17068000 # > 6 months (197 days)
    SECURE_HSTS_INCLUDE_SUBDOMAINS = True
    SECURE_HSTS_PRELOAD = True
else:
    CSRF_COOKIE_SECURE = False
    SECURE_CONTENT_TYPE_NOSNIFF = False
    SECURE_BROWSER_XSS_FILTER = False
    SESSION_COOKIE_SECURE = False
    SECURE_SSL_REDIRECT = False
    SECURE_HSTS_INCLUDE_SUBDOMAINS = False
    SECURE_HSTS_PRELOAD = False


print(f"SECURE_SSL_REDIRECT = {SECURE_SSL_REDIRECT}")

docker-compose up output

System check identified no issues (0 silenced).
web_1  | December 08, 2019 - 21:32:49
web_1  | Django version 2.1.1, using settings 'my_app.settings'
web_1  | Starting development server at http://0.0.0.0:8000/
web_1  | Quit the server with CONTROL-C.
web_1  | "True"
web_1  | DEBUG=True
web_1  | SECURE_SSL_REDIRECT = False
web_1  | Performing system checks...
web_1  |
web_1  | System check identified no issues (0 silenced).
web_1  | December 08, 2019 - 21:32:59
web_1  | Django version 2.1.1, using settings 'my_app.settings'
web_1  | Starting development server at http://0.0.0.0:8000/
web_1  | Quit the server with CONTROL-C.
web_1  | [08/Dec/2019 21:33:07] code 400, message Bad request syntax ("\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03\x1dn\xe4j\xdc8~\x02\xc2\x04\x89\xdd\x005^\xba\x9a\xa7\xa3xt\xc4.\xef,\xf7\x06\xedsOa\x81 \x87/E\xc9\xc1Hn\xe0%'\x93\xf4\t\xbd\xcb9")
web_1  | [08/Dec/2019 21:33:07] You're accessing the development server over HTTPS, but it only supports HTTP.
Scott Skiles

1 Answer

Your server does not support https, so set these settings:

SECURE_SSL_REDIRECT=False
SESSION_COOKIE_SECURE=False
CSRF_COOKIE_SECURE=False

Or it may be a problem with your browser. On Chrome, go to Settings > Privacy & Security > Clear Browsing History, set Time Range to All time, and then clear your data. That worked for me.

Patrick Bateman
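The "Bad request syntax" payload in the question's log can be decoded to confirm what the client actually sent. The following is an added example, not code from the question or the answer: it parses the first bytes of that payload as a TLS record header and shows they are a ClientHello, meaning the client chose HTTPS before Django handled the request. The function name and the plain-HTTP sample are assumptions made for illustration.

```python
import struct

# First 11 bytes of the "Bad request syntax" payload in the log above.
LOGGED_PREFIX = b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03"
# Constructed sample: what a plain-HTTP request to the same port starts with.
PLAIN_HTTP = b"GET / HTTP/1.1\r\nHost: localhost:8000\r\n\r\n"

TLS_VERSIONS = {0x0300: "SSL 3.0", 0x0301: "TLS 1.0",
                0x0302: "TLS 1.1", 0x0303: "TLS 1.2"}


def classify_first_bytes(data: bytes) -> dict:
    """Classify the first bytes a client sent to an HTTP-only port."""
    if len(data) < 5:
        return {"kind": "unknown", "reason": "fewer than 5 bytes"}
    # TLS record header: 1-byte content type, 2-byte version, 2-byte length.
    content_type, record_version, record_len = struct.unpack("!BHH", data[:5])
    # 0x16 = handshake record; major version byte 0x03 covers SSL 3.0 and all TLS.
    if content_type != 0x16 or record_version >> 8 != 0x03:
        method = data.split(b" ", 1)[0]
        if method.isalpha() and method.isupper():
            return {"kind": "http", "method": method.decode("ascii")}
        return {"kind": "unknown", "reason": "not TLS, not an HTTP request line"}
    result = {
        "kind": "tls",
        "record_version": TLS_VERSIONS.get(record_version, hex(record_version)),
        "record_length": record_len,
    }
    if len(data) >= 11:
        # Handshake header: 1-byte type, 3-byte length, then 2-byte client version.
        hs_type = data[5]
        result["handshake"] = "ClientHello" if hs_type == 0x01 else hex(hs_type)
        result["handshake_length"] = int.from_bytes(data[6:9], "big")
        (client_version,) = struct.unpack("!H", data[9:11])
        result["client_version"] = TLS_VERSIONS.get(client_version,
                                                    hex(client_version))
    return result


if __name__ == "__main__":
    print(classify_first_bytes(LOGGED_PREFIX))
    print(classify_first_bytes(PLAIN_HTTP))
```

A "tls" result for traffic hitting port 8000 means the upgrade to HTTPS happened on the client side, which is consistent with the answer's report that clearing the browser's stored data resolved it.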