Modern APIs require HTTPS

We are currently at a point in our technological development where new high-value APIs and features are being added quickly. These include service workers and HTTP/2, both requiring HTTPS. WebRTC and now Geo-Location also require HTTPS. Any API that deals with personal information either is or soon will be gated behind HTTPS (https://www.chromium.org/Home/chromium-security/deprecating-powerful-features-on-insecure-origins).

While these APIs could work without HTTPS, the security wraps these features in confidence. Think about it for a moment—the deeper a platform lets you integrate, the more they will require of your application.

Requiring HTTPS ensures a minimal amount of security and trust, and thus enough faith from potential platforms that you are not going to do evil things.