Skip to main content

Enable secure context to local deployments

· One min read
Brian Tate

Upcoming versions of Tator, specifically 0.2.18, utilize a cutting edge browser feature known as the WebCodecs API. Based on browser security, features such as WebCodecs API are turned off in insecure origins.

Generally only HTTPS or HTTP traffic to localhost is considered a secure origin. Because most Tator deployments do not run on localhost, the only way to enable a non-HTTPS deployment of Tator is to add your host to chrome://flags/#unsafely-treat-insecure-origin-as-secure.


For production environments, it is strongly encouraged to enable TLS certificate management for a Tator deployment. This will allow all clients to have a secure context to the deployment.

For development use-cases, another approach to make the the context secure is to use ssh and port forwarding to access the Tator deployment from localhost. In the example below browsers will treat http://localhost:8080 as a secure context.

ssh -N -L 8080:<TATOR_HOST>:80 localhost

This approach is recommended for running the front-end unit tests