From 913cdcd349ee3c1ee7c1e3e945d063fa1e6b79d2 Mon Sep 17 00:00:00 2001 From: Thilanga Pitigala Date: Tue, 19 Aug 2025 22:07:25 +1000 Subject: [PATCH] Fix: Allow HTTP for local Supabase connections (#323) - Modified validate_supabase_url() to allow HTTP for local development - HTTP is now allowed for localhost, 127.0.0.1, host.docker.internal, and 0.0.0.0 - HTTPS is still required for production/non-local environments - Fixes server startup failure when using local Supabase with Docker --- python/src/server/config/config.py | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/python/src/server/config/config.py b/python/src/server/config/config.py index 560fbd7..1c7930d 100644 --- a/python/src/server/config/config.py +++ b/python/src/server/config/config.py @@ -97,8 +97,15 @@ def validate_supabase_url(url: str) -> bool: raise ConfigurationError("Supabase URL cannot be empty") parsed = urlparse(url) - if parsed.scheme != "https": - raise ConfigurationError("Supabase URL must use HTTPS") + # Allow HTTP for local development (host.docker.internal or localhost) + if parsed.scheme not in ("http", "https"): + raise ConfigurationError("Supabase URL must use HTTP or HTTPS") + + # Require HTTPS for production (non-local) URLs + if parsed.scheme == "http": + hostname = parsed.hostname or "" + if not any(local in hostname for local in ["localhost", "127.0.0.1", "host.docker.internal", "0.0.0.0"]): + raise ConfigurationError("Supabase URL must use HTTPS for non-local environments") if not parsed.netloc: raise ConfigurationError("Invalid Supabase URL format")