How is that supposed to work for an IoT device that wants to work out of the box using one of these HTTPS-only browser APIs?
I am not saying I‘d do this, but in theory you could deploy a single reverse proxy in front of your HTTP-only devices and restrict traffic accordingly.