Google to enforce HTTPS in Chrome for all links

Google plans to enforce HTTPS by default. The company aims to ensure that all users have HTTPS-First enabled, which automatically redirects HTTP requests to HTTPS. Currently, over 90% of requests sent by Chrome users use HTTPS, but there is still 5-10% of traffic tied to HTTP. To address this, Google has decided to introduce intermediate measures before fully implementing automatic forwarding to HTTPS.

In Chrome 115, the company has updated the browser to gradually enable HTTPS-First mode by default for a small percentage of users. To handle sites that do not support HTTPS, a fallback to HTTP has been implemented if there are issues with completing requests via HTTPS or problems with certificates. For cases where different content is served via HTTP and HTTPS, HTTPS-First mode will be automatically applied if the browsing history for the current site includes past HTTPS hits.

Currently, HTTPS-First mode is enabled for users who are logged into their accounts and have agreed to participate in the Google Advanced Protection program. In future Chrome releases, HTTPS-First will be enabled by default for pages opened in incognito mode. Experiments are also being conducted to automatically enable HTTPS-First for sites known to support HTTPS and for users who rarely use HTTP in their browser.

Furthermore, in Chrome 117, warnings will be implemented when attempting to download files over an insecure connection. Users will be alerted about the risk of these files being spoofed due to the use of unencrypted communication channels. However, warnings will not be shown for image, video, and music files.

Enable HTTPS-First mode in Google Chrome right now

To enable HTTPS-First mode without waiting for a new browser version, do the following.

  1. Open a new tab in Google Chrome.
  2. In the URL bar, type chrome://settings/security and hit Enter.
  3. On the next page in Settings, enable the "Always use secure connections" option.
  4. Now, return to the address bar, and type or paste chrome://flags/#https-upgrades. Enable the flag.
  5. Finally, change one more flag, chrome://flags/#insecure-download-warnings to whether see or hide the prompt.
  6. Relaunch the browser.

Chrome 117 will also show extra details for extensions removed from the Web Store. Specially, it will show the reason due to which the extension was pulled out.

Support us

Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:

If you like this article, please share it using the buttons below. It won't take a lot from you, but it will help us grow. Thanks for your support!

Author: Sergey Tkachenko

Sergey Tkachenko is a software developer who started Winaero back in 2011. On this blog, Sergey is writing about everything connected to Microsoft, Windows and popular software. Follow him on Telegram, Twitter, and YouTube.

Leave a Reply

Your email address will not be published.

Exit mobile version
Using Telegram? Subscribe to the blog channel!
Hello. Add your message here.