Allow OAuth 2 to redirect to plain HTTP for localhost

tomhughes · Apr 22, 2021 · ef5f7be · ef5f7be
1 parent fa59906
commit ef5f7be
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb
@@ -246,7 +246,9 @@
   # #call can be used in order to allow conditional checks (to allow non-SSL
   # redirects to localhost for example).
 
-  force_ssl_in_redirect_uri !Rails.env.development?
+  force_ssl_in_redirect_uri do |uri|
+    !Rails.env.development? && uri.host != "127.0.0.1"
+  end
 
   # Specify what redirect URI's you want to block during Application creation.
   # Any redirect URI is whitelisted by default.