Tip Us Hey you, we are hiring! Join us if you are an author, developer or designer!

Chrome to start ensuring that HTTPS pages can only load secure content

05 October 2019 0

Google Chrome, one of the top browsers today gains many new features via its regular updates. But the primal duty of the company towards its Chrome browser is to make its super influential place a safer place to browse for the users. That’s how Google has made some serious efforts for the browser and following the continuity, Chrome will get some advanced powers to fight against the insecure content present in HTTPS pages.

The widely used protocol HTTPS on the internet was introduced for secure communication and to protect users against eavesdropping, where attackers could secretly relay and possibly alter the data flowing between two parties. In February 2018, Google announced that its Chrome browser would mark HTTP sites as “Not Secure” and encourage website owners to implement HTTPS as well. The same year, Google started marking the HTTP websites as "Not Secure" in an attempt to assist web developers to shift to a much secure HTTPS protocol.

But unfortunately, the websites with HTTPS badge started including the insecure content. It’s unknown whether they are intentional actions or not but whatever the case is, they are still not safe for the users. This insecure content also called the mixed content load subresources insecurely via plain HTTP. These subresources include images, videos, and even scripts, iframes or embedded web pages.

So, even being the secure web page, they can still put the users’ safety at risk via those pieces of content that may be loaded externally or through other channels.

So, starting with Chrome version 80 which is coming in January 2020, Google will even mark the HTTPS pages with mixed content as Not Secure, thus making users more aware of the possible scenarios that could take their safety at risk.

Chrome will also attempt to auto-upgrade those mixed content to HTTPS but if it fails, it will just block them and this action will happen in February 2020 by Chrome 81.

Accessing Site settings, from which users will be able to unblock mixed content loads in Chrome 79.

So, Google is giving the developers a heads up so that they could do necessary changes for an interrupted web browsing experience for their users.

In a series of steps starting in Chrome 79, Chrome will gradually move to blocking all mixed content by default. To minimize breakage, we will autoupgrade mixed resources to https://, so sites will continue to work if their subresources are already available over https://.

This means Chrome 79 coming this December will allow users to enable a setting to opt-out of mixed content blocking on particular websites. Google will introduce a new setting to unblock content on specific sites.


0

comments

Chrome to start ensuring that HTTPS pages can only load secure content
Write a comment...
Android

Qualcomm confirms upcoming phones coming with Snapdragon 865 SoC

Android

Motorola Moto Edge Plus, One Mid, G8 Power Lite specs leaked

Android

OnePlus 8 Pro 5G real life images with key details might have surfaced

Android

Huawei Mate Xs with improved hinge and Kirin 990 SoC launched