Localhost is treated as a trustworthy origin even without TLS, so all apps on localhost run in a secure context. This allows secure features to work in development. You can also run multiple apps on localhost with subdomains + ports to separate them. When you do need local HTTPS, use Caddy server.
