Additional IP updates

scripts/disable_localhost_bypass.sh

@@ -0,0 +1,27 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# One-time helper to force-clear stored allow_localhost_bypass=false via REST API.
+# Env vars:
+# - BASE_URL (default http://localhost:5001)
+# - STARTUP_ADMIN_EMAIL (default admin@localhost)
+# - STARTUP_ADMIN_PASSWORD (default password1)
+
+BASE_URL="${BASE_URL:-http://localhost:5001}"
+EMAIL="${STARTUP_ADMIN_EMAIL:-admin@localhost}"
+PASSWORD="${STARTUP_ADMIN_PASSWORD:-password1}"
+
+echo "[1/3] Logging in to $BASE_URL ..."
+COOKIE_JAR="$(mktemp)"
+trap 'rm -f "$COOKIE_JAR"' EXIT
+curl -sfS -c "$COOKIE_JAR" -H 'Content-Type: application/json' \
+  -d "{\"email\":\"$EMAIL\",\"password\":\"$PASSWORD\"}" \
+  "$BASE_URL/platform/authorization" > /dev/null
+
+echo "[2/3] Forcing allow_localhost_bypass=false ..."
+curl -sfS -b "$COOKIE_JAR" -H 'Content-Type: application/json' -X PUT \
+  -d '{"allow_localhost_bypass": false}' \
+  "$BASE_URL/platform/security/settings" > /dev/null
+
+echo "[3/3] Done. Stored allow_localhost_bypass is now false."
+