> Mozilla will provide developer tools to ease the transition to secure contexts and enable testing without an HTTPS server.
But the bugzilla entry they linked to with that has been unassigned for two years, so maybe they changed their minds or figure the localhost exception is sufficient.
The last comment proposes a whitelist for development domains, but no response to it.
ths helped me (with the 68.0 win edition):
from false to true