Client hints spec (http://httpwg.org/http-extensions/client-hints.html#security-considerations) was recently updated to allow sending of client hints on only secure transports (i.e., HTTPS URLs).
Chromium implementation of client hints should be updated to follow the spec. Additionally, we should allow client hints on local URLs for easier testing by developers.
Comment 1 by bugdroid1@chromium.org
, Nov 9 2017