Teach u2f that .onion is a SecureContext
We received a report that using u2f on an onion service results in Uncaught TypeError: window.u2f.ErrorCodes is undefined
. I suspect this is because U2F doesn't believe http+.onion is a secure content. We should investigate this and fix it, if that is the problem.