Allow "indicate if page is saved" with non-https url-s

There are a number of cases where http:// is actually secure, eg. VPN-s or secured local networks. It makes no sense to flat-out restrict this. There should be a big fat warning and a sentence of explanation, but the only users needing this are the ones who self-host, so not security-illiterate people.