|
|
|
|
|
|
by gregmac
2753 days ago
|
|
|
I'm still very unclear on a legitimate use case for this, and personally wouldn't do it until I had a good reason. That said, a couple ideas on how to implement: * Use an alternate domain, eg `insecure.domain.com` * Use an alternate path prefix, eg `domain.com/insecure/` -- your app would have to be able to handle this * Use a parameter that sets a cookie that your load balancer/reverse proxy can understand, eg, `http://domain.com/?https=false`, and will prevent redirect -- definitely the most complex from the proxy point-of-view, but means the URL (other than the scheme) is consistent for both types of user |
|
|