> > Pardon me- have 443 redirect to 80 of the environment variable is true. > Alternatively, have a completely different 443 vhost declared for > development purposes > > On Tue, Apr 16, 2024 at 11:30 AM Will Fatherley <wefatherley@xxxxxxxxx > <mailto:wefatherley@xxxxxxxxx> > wrote: > > > > But should your development be not protocol independent? If > your code works on http it should also work on https. I am getting sick > of these wordpress idiots where they still have hardcoded links > everywhere and I can't even convert a website from http to https. > > > TLS is not in the application layer as HTTP is, so it’s just a > complication that has to be managed in development. I don’t know how > Wordpress works, but there are solutions beyond its configuration. You are writting it is not application layer and then write it needs to be addressed in development? > For example, if you just need to verify your HTTP-based application > functions as desired, but there is commingling of HTTPS and HTTP in > application HREFs then use the `if` directive with a development-only > environment variable in your virtual hosts. If the client follows a HTTPS > link that isn’t going to work for keying material reasons, have the 443 > virtual host redirect to 80 if the development variable in the > development environment > This is more about the ability to host an application regardless if it is on http or https. How https is enforced/applied is up to the manager of the server, why would you even care as a developer of an application? --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx