You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, Lightning runs on port 4000 - with no TLS/SSL on the web front end.
In the pursuit of encouraging best practices local deploys in production mode should:
Generate a self signed certificate
Use the self signed cert on a secure port (like 4443?)
Warn the user when logging in via the HTTP endpoint that this is insecure
Serve the application via a secure endpoint with the self signed certificate
However when a user deploys the application in front of a reverse proxy that provides certificates, this policy should be able to be disabled via at least an environment variable.
The text was updated successfully, but these errors were encountered:
Currently, Lightning runs on port 4000 - with no TLS/SSL on the web front end.
In the pursuit of encouraging best practices local deploys in production mode should:
However when a user deploys the application in front of a reverse proxy that provides certificates, this policy should be able to be disabled via at least an environment variable.
The text was updated successfully, but these errors were encountered: