As discussed on the RailsGoat FAQ (https://railsgoat.cktricky.com/faq.html), there should be support for SSL/TLS. We can just use letsencrypt, and add tutorials/tests for cookie flags, HSTS, mixed content and other configuration options.
Q: Will you support SSL at some point?
A: Absolutely, but likely using a self-signed cert. The idea would be to demo framework-specific protections rather than the certificate itself.
As discussed on the RailsGoat FAQ (https://railsgoat.cktricky.com/faq.html), there should be support for SSL/TLS. We can just use letsencrypt, and add tutorials/tests for cookie flags, HSTS, mixed content and other configuration options.