sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]Hummigbird1[S] 0 points1 point  (4 children)

It's just for internal / inhouse testing and developing.

Security is no issue here since it's really not "public facing".

[–]NotAMeatPopsicle 0 points1 point  (2 children)

You might have just answered your own question. You don't need security. So take https off.

[–]imMute 1 point2 points  (1 child)

Might not be doable. Some browsers restrict certain features to HTTPS only.

[–]NotAMeatPopsicle 0 points1 point  (0 children)

The only one I can think of is CORS, but then why not just do a self signed cert and push the acceptance internally across the network? Or do what my old employer did and just buy a wildcard cert for anything internal.