I have a few applications relying on hash functions, which were developed a while ago before browsers changed their policy to restrict Crypto.subtle to HTTPS connections.
Deploying the webapps on secure connection isn't a problem for me, but testing them locally is.
How can I test for SubtleCrypto, and other features that require secure contexts to work? Is there an option in about:config that I can tweak?
On
Probably too late to help you, but there's a config flag available on Chrome that allows you to specify insecure contexts that should be considered secure.
On Chrome, open chrome://flags and search for the flag "Insecure origins treated as secure". Add the insecure context domains you want to test on and relaunch the browser. Works for me.
I couldn't find a similar flag on Firefox.
Browsers now treat
localhostand loopback IP addresses (127.0.0.0/8and::1/128) as secure, which is a big favor done to developers. See this.