The idea is that, to prevent compromising data in your user profile, you must use a "temporary" profile path when using the --unsafely... option.
So, for instance,
http://html5demos.com/geo is a HTTP page that tries to use the Geolocation API. This is disallowed by the security policy that says only HTTPS pages may request geolocation.
For testing purposes, you can instruct Chrome to treat "
http://html5demos.com" as a secure origin, but for that flag to take effect, you must also specify a
user-data-dir so that the Chrome instance runs in a temporary profile.
For instance, to achieve this on Windows, you'd use a command line like so: