From bfdf60b8fe6372cc8d31d15481614b4fc65ad5b5 Mon Sep 17 00:00:00 2001
From: Yash <yash@fedora.nitk.ac.in>
Date: Mon, 14 Oct 2024 22:55:54 +0530
Subject: [PATCH] added guideline for frontend setup

---
 docs/development/Frontend-Setup-Guideline.md | 49 ++++++++++++++++++++
 1 file changed, 49 insertions(+)
 create mode 100644 docs/development/Frontend-Setup-Guideline.md

diff --git a/docs/development/Frontend-Setup-Guideline.md b/docs/development/Frontend-Setup-Guideline.md
new file mode 100644
index 00000000000..a78f0ce8d28
--- /dev/null
+++ b/docs/development/Frontend-Setup-Guideline.md
@@ -0,0 +1,49 @@
+# Accessing Frontend on localhost with a Self-Signed Certificate
+
+When running the frontend locally with a self-signed SSL certificate, most browsers will block access to `https://localhost` due to security policies. To bypass this and open localhost with a self-signed certificate, follow these steps to start your browser in insecure mode.
+
+## Chrome (Insecure Mode)
+
+1. Open a terminal or command prompt.
+
+2. Start Chrome with the following command, which disables certificate checking and web security for the session:
+
+**For macOS or Linux:**
+   
+    google-chrome --ignore-certificate-errors --disable-web-security --user-data-dir=/tmp/temp-chrome-profile 
+
+    
+**For Windows:**
+
+    C:\ProgramFiles\Google\Chrome\Application\chrome.exe" --ignore-certificate-errors --disable-web-security --user-data-dir=C:\tmp\temp-chrome-profile 
+
+
+This command opens Chrome in a temporary profile with relaxed security settings, allowing access to https://localhost without SSL warnings.
+
+After testing, close the browser. Do not use this browser session for regular browsing as it is less secure.
+
+
+## Firefox (Disable Certificate Checking)
+ 1. Open Firefox and navigate to about:config in the address bar.
+
+ 2. Modify the following settings:
+
+    1. security.ssl.enable_ocsp_stapling → false
+
+    2. security.cert_pinning.enforcement_level → 0
+
+    3. network.stricttransportsecurity.preloadlist → false
+
+    After applying these changes, you can access https://localhost with a self-signed certificate.
+
+
+## Security Note
+Starting a browser in insecure mode or disabling certificate checks can expose you to risks. These methods should be used strictly for local development and testing purposes. Close the browser after testing and reopen it in normal mode for daily browsing.
+
+
+
+
+
+
+
+