I can only assume it is a bug. The flag allow-insecure-localhost is gone and there. Seriously? I am migrating to ungoogled chrome in order to continue working. Thanks for forcing my hand.
Edit: As suggested by @Saoiray, it might be a chromium 131.x issue. Upon installing regular Google Chrome the “whats new” page shows bullsht “security powered by AI” and bullsht “passkeys”, so it might be an aftermath of google team messing with security internals. I am planning to pin ungoogled chromium at 130.x, but for everyone else visiting this page, it would be great to have some downgrading instruction to follow or some workaround (none of the existing flags cut it atm)
@AngryUser1 looking through chromium, it seems the exact flag you typed out is not there either. But I am wondering if perhaps the one in screenshot below may do the same? I’m not knowledgeable on this but at least wanted to respond in case it’s something helpful and overlooked.
Thankfully my chromium is at 130.x instead of 131.x. But if what you say is true… we need a way to downgrade Brave/Chromium/whatever and lock it from updates at 130.x.
// check available versions
apt-cache madison brave-browser
// downgrade
sudo apt install brave-browser=1.71.123
Then open brave://flags#allow-insecure-localhost to re-enable it
Somehow it is not required on regular Google Chrome, so there is a chance they either screw up with competing chromium-based browsers or fixed it in newer versions.