https://docs.connect.squareup.com/articles/adding-payment-form/#settinguppaymentform
The payment form must be generated on a webpage that uses HTTPS, with one exception: you can test on localhost without using HTTPS.
I have added a warning, when a payment form is loaded over HTTP on non-localhosts:
