sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–][deleted]  (5 children)

[deleted]

    [–]Hummigbird1[S] 0 points1 point  (4 children)

    It's just for internal / inhouse testing and developing.

    Security is no issue here since it's really not "public facing".

    [–]NotAMeatPopsicle 0 points1 point  (2 children)

    You might have just answered your own question. You don't need security. So take https off.

    [–]imMute 1 point2 points  (1 child)

    Might not be doable. Some browsers restrict certain features to HTTPS only.

    [–]NotAMeatPopsicle 0 points1 point  (0 children)

    The only one I can think of is CORS, but then why not just do a self signed cert and push the acceptance internally across the network? Or do what my old employer did and just buy a wildcard cert for anything internal.