> But should your development be not protocol independent? If your code > works on http it should also work on https. I am getting sick of these > wordpress idiots where they still have hardcoded links everywhere and I > can't even convert a website from http to https. > TLS is not in the application layer as HTTP is, so it’s just a complication that has to be managed in development. I don’t know how Wordpress works, but there are solutions beyond its configuration.
For example, if you just need to verify your HTTP-based application functions as desired, but there is commingling of HTTPS and HTTP in application HREFs then use the `if` directive with a development-only environment variable in your virtual hosts. If the client follows a HTTPS link that isn’t going to work for keying material reasons, have the 443 virtual host redirect to 80 if the development variable in the development environment
