diff --git a/cobalt/black_box_tests/black_box_tests.py b/cobalt/black_box_tests/black_box_tests.py
index 5e2843e81fdc..f0fb13243c05 100755
--- a/cobalt/black_box_tests/black_box_tests.py
+++ b/cobalt/black_box_tests/black_box_tests.py
@@ -250,8 +250,11 @@ def __init__(self, args):
       self.proxy_port = args.proxy_port or str(
           self.GetUnusedPort([_server_binding_address]))
       proxy_address = args.proxy_address or _server_binding_address
-      _launcher_params.target_params.append(
-          f'--proxy={proxy_address}:{self.proxy_port}')
+      proxy_url = f'{proxy_address}:{self.proxy_port}'
+      _launcher_params.target_params.append(f'--proxy={proxy_url}')
+
+    _launcher_params.target_params.append(
+        '--unsafely-treat-insecure-origin-as-secure=*web-platform.test')
 
     self.device_ips = args.device_ips
 
diff --git a/cobalt/tools/automated_testing/cobalt_runner.py b/cobalt/tools/automated_testing/cobalt_runner.py
index be7716995691..c8ac84b44248 100644
--- a/cobalt/tools/automated_testing/cobalt_runner.py
+++ b/cobalt/tools/automated_testing/cobalt_runner.py
@@ -151,8 +151,23 @@ def __init__(self,
         self.target_params = [url_string]
       else:
         self.target_params.append(url_string)
+
     if self.launcher_params.target_params:
-      self.target_params.extend(self.launcher_params.target_params)
+      for target_param in self.launcher_params.target_params:
+        if target_param not in self.target_params:
+          self.target_params.append(target_param)
+
+    if hasattr(self, 'url') and self.url.startswith('http://'):
+      url_base = 'http://' + self.url.split('/')[2]
+      found = False
+      for (i, p) in enumerate(self.target_params):
+        if p.startswith('--unsafely-treat-insecure-origin-as-secure='):
+          found = True
+          self.target_params[i] += ',' + url_base
+          break
+      if not found:
+        self.target_params.append(
+            f'--unsafely-treat-insecure-origin-as-secure={url_base}')
 
   def SendResume(self):
     """Sends a resume signal to start Cobalt from preload."""
diff --git a/cobalt/worker/service_worker_jobs.cc b/cobalt/worker/service_worker_jobs.cc
index ff010872cd62..82584cfc879d 100644
--- a/cobalt/worker/service_worker_jobs.cc
+++ b/cobalt/worker/service_worker_jobs.cc
@@ -14,7 +14,10 @@
 
 #include "cobalt/worker/service_worker_jobs.h"
 
+#include <vector>
+
 #include "base/bind.h"
+#include "base/command_line.h"
 #include "base/strings/stringprintf.h"
 #include "base/task/current_thread.h"
 #include "base/time/time.h"
@@ -25,12 +28,20 @@
 #include "cobalt/worker/extendable_event.h"
 #include "net/base/mime_util.h"
 #include "net/base/url_util.h"
+#if !defined(COBALT_BUILD_TYPE_GOLD)
+#include "base/strings/pattern.h"
+#endif
 
 namespace cobalt {
 namespace worker {
 
 namespace {
 
+#if !defined(COBALT_BUILD_TYPE_GOLD)
+const char kUnsafelyTreatInsecureOriginAsSecure[] =
+    "unsafely-treat-insecure-origin-as-secure";
+#endif
+
 bool PathContainsEscapedSlash(const GURL& url) {
   const std::string path = url.path();
   return (path.find("%2f") != std::string::npos ||
@@ -73,11 +84,27 @@ bool IsOriginPotentiallyTrustworthy(const GURL& url) {
   // authenticated, return "Potentially Trustworthy".
   if (url.SchemeIs("h5vcc-embedded")) return true;
 
-  // 8. If origin has been configured as a trustworthy origin, return
-  // "Potentially Trustworthy".
-  if (origin.host() == "web-platform.test") {
-    return true;
+    // 8. If origin has been configured as a trustworthy origin, return
+    // "Potentially Trustworthy".
+#if !defined(COBALT_BUILD_TYPE_GOLD)
+  const base::CommandLine& command_line =
+      *base::CommandLine::ForCurrentProcess();
+  if (command_line.HasSwitch(kUnsafelyTreatInsecureOriginAsSecure)) {
+    std::string origins_str =
+        command_line.GetSwitchValueASCII(kUnsafelyTreatInsecureOriginAsSecure);
+    std::vector<std::string> allowlist = base::SplitString(
+        origins_str, ",", base::TRIM_WHITESPACE, base::SPLIT_WANT_ALL);
+    if (base::Contains(allowlist, origin.Serialize())) {
+      return true;
+    }
+
+    for (const std::string& origin_or_pattern : allowlist) {
+      if (base::MatchPattern(origin.host(), origin_or_pattern)) {
+        return true;
+      }
+    }
   }
+#endif
 
   // 9. Return "Not Trustworthy".
   return false;
diff --git a/starboard/android/arm/cobalt/configuration.py b/starboard/android/arm/cobalt/configuration.py
index 579c23f83153..ba3f29386189 100644
--- a/starboard/android/arm/cobalt/configuration.py
+++ b/starboard/android/arm/cobalt/configuration.py
@@ -27,15 +27,6 @@
         'suspend_visibility',
         'timer_hit_after_preload',
         'timer_hit_in_preload',
-        'service_worker_add_to_cache_test',
-        'service_worker_cache_keys_test',
-        'service_worker_controller_activation_test',
-        'service_worker_get_registrations_test',
-        'service_worker_fetch_main_resource_test',
-        'service_worker_fetch_test',
-        'service_worker_message_test',
-        'service_worker_post_message_test',
-        'service_worker_test',
         'service_worker_persist_test',
         'deep_links',
         'web_platform_tests',