Introduces an insecure.html interstitial page that warns users before navigating to unencrypted HTTP sites, except for localhost and previously bypassed hosts. Updates script.js to intercept HTTP navigations, display the warning, and allow session-based bypasses when the user chooses to proceed.