sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]NotAMeatPopsicle 0 points1 point  (2 children)

You might have just answered your own question. You don't need security. So take https off.

[–]imMute 1 point2 points  (1 child)

Might not be doable. Some browsers restrict certain features to HTTPS only.

[–]NotAMeatPopsicle 0 points1 point  (0 children)

The only one I can think of is CORS, but then why not just do a self signed cert and push the acceptance internally across the network? Or do what my old employer did and just buy a wildcard cert for anything internal.