security.insecure_field_warning.contextual.enabled doesn't disable unsecure warning anymore
Categories: Toolkit :: Password Manager, defect
People: Reporter: Flo.Winkler95+github, Unassigned
Steps to reproduce:
(Appeared After Firefox update today)
connect to a http local docker container
make sure "security.insecure_field_warning.contextual.enabled" is "false"
I, as a developer, am working with unsecured connections which are local on my host. Therefore the message is unnecessarily disturbing while selecting login information.
Actual results:
The warning is still shown on login fields
Expected results:
The warning should not be displayed anymore
Comment 1•2 years ago
The Bugbug bot thinks this bug should belong to the 'Core::DOM: Security' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.
Comment 2•2 years ago
If you're loading MS Business office insecurely this is very definitely a wanted warning. MS doesn't host their stuff over http: anymore.
It appears this was removed intentionally. You can enable a similar pref to allow the local IP addresses to skip the warning but not generally. Moving to the password manager component for further triage.
Comment 3•2 years ago
As Daniel mentioned, we have removed this pref (bug 1773047). I agree, this is an inconvenience for the specific use case, but the ability to turn it off can be more harmful. It turns the warning off for everything; what would happen if a developer goes to some mission-critical portal and it's not secured (phishing scenario)? These days developers have become a target for attackers.
I'd recommend using HTTPS even locally for development; that way you have better security and development happens over the same protocol as users would use.
Why remove this setting?
It was switched on by default, but users that wanted control over this very annoying popup could at least turn it off.
Taking it away is such a Microsoft way of thinking that you know better than your users!
HTTPS is not equivalent to security; smart users are. Anyone wanting to do some phishing can create a website with a free certificate.
I'll be downgrading to a more well-behaving version of Firefox and block upgrades.