fix(bridge): allow localhost as secure RPC URL for local L2 network

isHTTPS() previously rejected http://localhost URLs as insecure,
causing the "RPC URL is not secure" warning modal on every chain
switch attempt in local development environments.

localhost and 127.0.0.1 are treated as secure contexts by browsers
and MetaMask, so they should not trigger the warning.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: theo-learner

src/utils/network.ts

@@ -15,7 +15,13 @@ export const getChainById = (chainId: number): Chain => {
 };
 
 export const isHTTPS = (url: string) => {
-  return url.startsWith("https://");
+  if (url.startsWith("https://")) return true;
+  try {
+    const { hostname } = new URL(url);
+    return hostname === "localhost" || hostname === "127.0.0.1";
+  } catch {
+    return false;
+  }
 };
 
 export const getRPCUrlFromChainId = (chainId: number) => {