Require fully-specified "https" scheme URLs in the manifest url_handlers input.

[LuHuangMSFT]

See comment from: https://chromium-review.googlesource.com/c/chromium/src/+/2405696

Dominick Ng
Oct 27
I think we should be explicit about the scheme in the spec/explainer, otherwise developers may rightfully ask why they can't include http as well as https links. Asking developers to provide a fully specified origin means we can provide an explicit error message at time of parsing rather than implicitly assuming that "contoso.com" only means "https://contoso.com" and not "http://contoso.com" at time of trying to deeplink.

[LuHuangMSFT]

As currently written in the explainer, we intended to expand "contoso.com" into "https://contoso.com". A convenience, nothing more, because only https URLs are allowed.

Now that I've been prompted to rethink this, I wonder if there is utility in taking the developer's input at face value. This could allow redirects to work. I'm not sure if there are edge cases like that that would be important for developers.

Requiring https only and to always be specified would allow earlier error detection at parse time and would make parsing easier as well.