Localhost Security Messaging
|December 31st, 2022|
https://) or "not secure" (
http://). This warns the users that without the protection of "
https://" your communications could be read or modified by any network your packets travel over. But how should "
http://localhost" be marked? That's your own computer so it's secure, but the connection isn't encrypted so a padlock would be misleading.
It turns out that the browsers have three options for the url bar, not just secure and insecure. Here's what they look like in Firefox:
Despite the unusual URL bar treatment, the major browsers do now all treat this configuration as a secure context (spec), which means you can use features that require secure contexts, like crypto, MIDI, or geolocation.
Comment via: facebook, lesswrong, mastodon