About Secure Context for Development Environment

Certain browser features require secure contexts, such as HTTPS protocol to be used.

When developing locally, these URLs are considered also secure:

  • http://127.0.0.1
  • http://localhost
  • http://*.localhost
  • file://*

So if you want to have custom domains in your /etc/hosts file for projects developed locally, make sure to end them with .localhost and NOT something else like .local or .dev.

Here is a list of features requiring secure contexts:

  • Credential Management API
  • Web Authentication API (WebAuthn)
  • Clipboard API (write access)
  • Storage Access API
  • Geolocation API
  • MediaDevices API (getUserMedia)
  • Web Bluetooth API
  • Web USB API
  • Web Serial API
  • Web NFC API
  • Service Workers
  • Push Notifications API
  • Background Fetch API
  • Secure WebSockets (wss://)
  • Performance API (some navigation details)
  • Resource Timing API (detailed data)
  • Web Crypto API
  • Payment Request API
  • Persistent Storage API (navigator.storage.persist())
  • Private Network Access (PNA)
  • SharedArrayBuffer
  • COOP/COEP Headers (for cross-origin isolation)
  • Fullscreen API (some features)

Development Security JavaScript HTML5

Also by me

Django Paddle Subscriptions app

For Django-based SaaS projects.

Django App for You
Django GDPR Cookie Consent app

For Django websites that use cookies.

Django App for You
Django 3 Web Development Cookbook - Fourth Edition
Book for You
Django 3 Web Development Cookbook

Learn how to build practical web projects with Django 3.
1st things 1st
SaaS for You
Online prioritizer "1st things 1st"

It's not for everyone, but it might be for you!