Web development is something I do infrequently (it doesn't feature in my day job), meaning some of the industry trends tend to pass me by. The restriction that some JavaScript client APIs are only available over HTTPS1 is one such trend I had missed.

Encountering this restriction, I had assumed that it would be extremely difficult to set up HTTPS server locally for development. It turns out, however, it's very easy using Flask (my go-to lightweight Python server of choice): simply passing ssl_context='adhoc' to the run method will dynamically generate, and use, an ad-hoc SSL certificate.

if __name__ == '__main__':
    app.run(host='0.0.0.0', ssl_context='adhoc', port=4443)

  1. For example, iOS requires this for accessing the accelerometer using device motion in Mobile Safari. Something I've been experimenting with for my 360° photo viewer.