Jump to content
  • Google says Chrome is about to get a lot more secure with default HTTPS, download warnings


    Karlston

    • 290 views
    • 2 minutes
     Share


    • 290 views
    • 2 minutes

    Back in July of 2021, Google stated that it was looking to expand HTTPS adoption with its HTTPS-First mode. This was just months after Google announced that it will default to HTTPS for incomplete URLs. HTTPS-First can be enabled inside the browser Settings by turning on the "Always use secure connections" inside Privacy and Security > Security.

     

    Earlier today, the Chromium team announced that it will make HTTPS (Hypertext Transfer Protocol Secure) default very soon. This means Google will check for a secure network connection and upgrade to HTTPS automatically, though, there will be a fallback mode as well, just in case HTTPS is not available on a website. It is currently in the testing phase on Chrome version 115.

     

    In its announcement post, the Chromium team explains:

     

    Chrome will automatically upgrade all http:// navigations to https://, even when you click on a link that explicitly declares http://.

     

    .. Chrome will detect when these upgrades fail (e.g. due to a site providing an invalid certificate or returning a HTTP 404), and will automatically fallback to http://. This change ensures that Chrome only ever uses insecure HTTP when HTTPS truly isn't available, and not because you clicked on an out-of-date insecure link. We're currently experimenting with this change in Chrome version 115

     

    Another extension of this security measure is that Chrome will soon start warning against potentially malicious content, ie, when a user tries to download a risky file over an insecure connection. The Chromium team explains that it will not warn about typically secure files like images, audio/music files, or video files.

     

    Chrome will start showing a warning before downloading any high-risk files over an insecure connection.

     

    [..]

     

    This warning aims to inform people of the risk they're taking. You will still be able to download the file if you're comfortable with the risk. Unless HTTPS-First Mode is enabled, Chrome will not show warnings when insecurely downloading files like images, audio, or video, as these file types are relatively safe.

     

    1692287758_chrome_will_inform_you_if_a_f

     

    These changes are expected to roll out to users starting next month around mid-September. You may learn more about the changes on the official blog post on Chromium's site.

     

    Source


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...