Don't force SSL for localhost
YoavShapira opened this issue · 1 comments
YoavShapira commented
I'd like to add a criteria to the existing ones (app.debug, x-forwarded-proto, request.is_secure), which is to support local development. If the incoming request URL host name is "localhost" or 127.0.0.1, don't force SSL.
Objections / thoughts?
kennethreitz commented
Currently, the code doesn't force SSL when debug mode is enabled.