Cannot sign into Sourcegraph admin account over HTTP when HTTPS is configured

Created by: slimsag

The situation:

  • You have Sourcegraph running in prod behind an HTTPS-terminating load balancer
  • You spin up the "new" version of Sourcegraph for an upgrade, like you would for managed instances or any other red/black deployment of Sourcegraph.
  • You want to sign into the new (non-HTTPS) Sourcegraph instance to check if it works OK before switching the load balancer over to the new one.

Problem:

You cannot sign in with Chrome (Firefox lets you, but it's unclear for how long this will work) due to the CSRF cookies being locked to HTTPS-only.

Note: If we remove our redundant CSRF cookies, https://github.com/sourcegraph/sourcegraph/issues/7658, that would address the issue.

Note: Related concern is https://github.com/sourcegraph/sourcegraph/issues/6385
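
An added illustration of the failure described above, not code from the issue or from Sourcegraph: Go's cookie jar stands in for the browser, and the cookie name, token value, `X-Csrf-Token` header and `/sign-in` route are hypothetical. A `Secure` CSRF cookie issued over plain HTTP never comes back to the server, so the sign-in check fails, while the same flow without `Secure` passes, which isolates the attribute as the cause.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/cookiejar"
	"net/http/httptest"
)

// Hypothetical cookie name and constructed token value, not Sourcegraph's.
const csrfCookie, csrfToken = "csrf_token", "constructed-token"

// signInStatus runs a plain-HTTP instance that issues a CSRF cookie on GET /
// and requires it on POST /sign-in, then returns the sign-in status code.
func signInStatus(secure bool) int {
	mux := http.NewServeMux()
	mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
		http.SetCookie(w, &http.Cookie{Name: csrfCookie, Value: csrfToken, Path: "/", Secure: secure})
	})
	mux.HandleFunc("/sign-in", func(w http.ResponseWriter, r *http.Request) {
		c, err := r.Cookie(csrfCookie)
		if err != nil || c.Value != r.Header.Get("X-Csrf-Token") {
			http.Error(w, "CSRF cookie missing", http.StatusForbidden)
			return
		}
		w.WriteHeader(http.StatusOK)
	})
	srv := httptest.NewServer(mux) // http://, like the instance not yet behind the load balancer
	defer srv.Close()

	jar, _ := cookiejar.New(nil)
	client := &http.Client{Jar: jar}
	if resp, err := client.Get(srv.URL + "/"); err == nil {
		resp.Body.Close()
	}
	req, _ := http.NewRequest(http.MethodPost, srv.URL+"/sign-in", nil)
	req.Header.Set("X-Csrf-Token", csrfToken)
	resp, err := client.Do(req) // the jar withholds Secure cookies from http:// URLs
	if err != nil {
		return 0
	}
	defer resp.Body.Close()
	return resp.StatusCode
}

func main() {
	fmt.Println("Secure CSRF cookie over HTTP:", signInStatus(true))
	fmt.Println("Non-Secure CSRF cookie over HTTP:", signInStatus(false))
}
```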