coleam00 · cristiZ1505 · Aug 19, 2025 · Aug 24, 2025
diff --git a/.vscode/launch.json b/.vscode/launch.json
@@ -0,0 +1,29 @@
+{
+    // Use IntelliSense to learn about possible attributes.
+    // Hover to view descriptions of existing attributes.
+    // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
+    "version": "0.2.0",
+    "configurations": [
+        {
+            "name": "Attach to Chrome",
+            "port": 9222,
+            "request": "attach",
+            "type": "chrome",
+            "webRoot": "${workspaceFolder}"
+        },
+        {
+            "name": "Attach to Chrome",
+            "port": 9222,
+            "request": "attach",
+            "type": "chrome",
+            "webRoot": "${workspaceFolder}"
+        },
+        {
+            "type": "chrome",
+            "request": "launch",
+            "name": "Launch Chrome against localhost",
+            "url": "http://localhost:8080",
+            "webRoot": "${workspaceFolder}"
+        }
+    ]
+}
diff --git a/python/src/server/config/config.py b/python/src/server/config/config.py
@@ -97,8 +97,15 @@ def validate_supabase_url(url: str) -> bool:
         raise ConfigurationError("Supabase URL cannot be empty")
 
     parsed = urlparse(url)
-    if parsed.scheme != "https":
-        raise ConfigurationError("Supabase URL must use HTTPS")
+    # Allow HTTP for local development (host.docker.internal or localhost)
+    if parsed.scheme not in ("http", "https"):
+        raise ConfigurationError("Supabase URL must use HTTP or HTTPS")
+
+    # Require HTTPS for production (non-local) URLs
+    if parsed.scheme == "http":
+        hostname = parsed.hostname or ""
+        if not any(local in hostname for local in ["localhost", "127.0.0.1", "host.docker.internal", "0.0.0.0"]):
+            raise ConfigurationError("Supabase URL must use HTTPS for non-local environments")
 
     if not parsed.netloc:
         raise ConfigurationError("Invalid Supabase URL format")