Good stuff.
Anyone have a good recipe for setting up an HTTPS for one-off experiments in localhost? I generally don't because there isn't much of a compromise story there, but it's always been a security weakness in how I do tests and if Chrome is going to start reminding me stridently I should probably bother to fix it.
How exactly are unencrypted localhost connections a security weakness? To intercept the data on a loopback connection you'd need a level of access where encryption wouldn't really add much privacy.
Chrome treats localhost as a secure origin (regardless of HTTPS) by default - don't overthink it.
Oh, groovy; if they keep doing that I'm all good, since I usually do one-off remote stuff by SSH tunnels anyway.
I haven't used it, but I think `mkcert` is the go to solution for this. [0]
[0]: https://github.com/FiloSottile/mkcert