How to allow http

A single prompt in Google Antigravity enabled it for me. Here is a summary:

Developer Guide: Enabling HTTP and SSL Support

This guide explains how to modify the Gallery for Immich WordPress plugin to allow HTTP connections (for local network setups) and add an SSL verification toggle (for self-signed certificates). 1. Loosen URL Validation

In the original plugin, the Immich server URL is restricted to HTTPS unless it is localhost or 127.0.0.1. To allow any HTTP URL (like http://192.168.1.50:2283), follow these steps: Update sanitize_settings()

Find the sanitize_settings function in gallery-for-immich.php and modify the URL check:

- // Original: Ensure it's HTTPS in production (or localhost for dev)
- if (strpos($url, 'https://') === 0 || strpos($url, 'http://localhost') === 0 || strpos($url, 'http://127.0.0.1') === 0) {
+ // Modified: Ensure it's HTTPS or HTTP (allows local network URLs)
+ if (strpos($url, 'https://') === 0 || strpos($url, 'http://') === 0) {
      $sanitized['server_url'] = rtrim($url, '/');
  } else {
      add_settings_error(
          $this->option_name,
          'invalid_url',
-         __('Server URL must use HTTPS (or localhost for development).', 'gallery-for-immich')
+         __('Server URL must use HTTPS (preferred) or HTTP.', 'gallery-for-immich')
      );
  }

2. Add SSL Verification Setting

To help users with self-signed certificates on their local network, you can add an “SSL Verification” toggle. Update settings_init()

Register the new field in the settings_init function:

add_settings_field('ssl_verify', __('SSL Verification', 'gallery-for-immich'), [$this, 'field_ssl_verify'], 'gallery_for_immich', 'gallery_for_immich_section');

Add the field_ssl_verify() Method

Add this method to render the checkbox in the settings page:

public function field_ssl_verify() {
    $options = get_option($this->option_name);
    $checked = isset($options['ssl_verify']) ? (bool)$options['ssl_verify'] : true;
    ?>
    <label>
        <input type="checkbox" name="<?php echo esc_attr($this->option_name); ?>[ssl_verify]" value="1" <?php checked($checked); ?>>
        <?php echo esc_html__('Verify SSL certificates (uncheck for self-signed certificates on local networks)', 'gallery-for-immich'); ?>
    </label>
    <?php
}

Update sanitize_settings() again

Ensure the new field is saved:

// Add this line at the end of sanitize_settings() before the return
$sanitized['ssl_verify'] = !empty($input['ssl_verify']);

3. Respect the SSL Setting in API Requests

Finally, update all WordPress remote request calls (wp_remote_get, wp_remote_post, wp_remote_request) to use the new setting. Example for api_request()

Find where wp_remote_get is called and update the sslverify parameter:

  $response = wp_remote_get($url, [
      'headers' => [ ... ],
      'timeout' => 15,
-     'sslverify' => true
+     'sslverify' => isset($options['ssl_verify']) ? (bool)$options['ssl_verify'] : true
  ]);

[!NOTE]
You must also apply this change to handle_image_proxy(), get_video_url_with_shared_link(), and cleanup_shared_link().

Summary Checklist

1. [ ] Change strpos check to allow any http:// prefix.
2. [ ] Update the localized error message string.
3. [ ] Register the ssl_verify setting field.
4. [ ] Add the field_ssl_verify UI method.
5. [ ] Ensure sanitize_settings saves the checkbox value (boolean).
6. [ ] Pass the dynamic boolean to the sslverify key in all remote requests.