Currently, "localhost6" and "localhost6.localdomain6" host names resolve to the IPV6 loopback address ::1 only, bypassing native DNS, and corresponding origins are treated as secured. The goal of this entry is to remove this non-standard behavior.
Standards describe an optional resolution of the "localhost" host name and trustworthiness of corresponding origin  . Users have complained about inconsistency between Chromium (which implements the spec), Firefox (which only implemented it recently) and WebKit (where patches are being submitted). Hopefully things can be make consistent and the specification a bit stricter. However, Chromium also has similar but non-standard behavior for "localhost6" and "localhost6.localdomain6". Removing these would help to make things more predictable for users.
Specification being incubated in a Community Group
Status in Chromium
Consensus & Standardization
Last updated on 2020-12-12