307 Internal redirect, forced https redirection

If you are trying to test redirections on your web server (Apache, NGINX, etc), but your web browser (chrome, firefox, etc) keeps redirecting to HTTPS no matter what you do... read on !

The reflex you might have had is to clear your browser's redirection cache, but there is one question you should answer before doing that : is your domain name subject to the HTTP Strict Transport Security (HSTS) ? This basically affect most of google's top level domains (TLDs) like .dev, .app, etc.

If your domain name is subject to HSTS, your web browser will redirect every traffic to HTTPS BEFORE initiating any communications with your web server, this means your Apache/NGINX config will NOT have any effect in the redirection that will occur.

HSTS is also the reason why a self-signed SSL certificate will not be enough, you wont be able to bypass it by clicking the "proceed anyway" link. You'll need a properly signed certificate from a valid authority (such as letsencrypt).

I hope it helped !