Google Chrome 90 will make HTTPS the default
Google Chrome is getting a small but important upgrade
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Googlewill soon roll out a new version of its Chromeweb browserthat will automatically load all incomplete URLs via the more secure HTTPS protocol.
With current builds, if an incomplete URL is typed into the Chrome Omnibox (Google’s name for the URL bar), the browser will load the domain via HTTP. Typing inexample.com, for instance, will take the user tohttp://example.com.
After the change has been introduced, however, Chrome will automatically funnel all unfinished URL queries to the corresponding HTTPS address (e.g.https://example.com), provided the website supports the newer protocol.
Last month, the change took effect for a small proportion of users with the Chrome 89 update. With testing now complete, HTTPS will be made the default protocol for half-finished URLs with Chrome 90, which is currently set for a full public release on April 13.
However, according to a Googleblog post, the change will not take effect for iOS users until a later date.
HTTPS on Chrome
For the uninitiated, HTTP (or Hypertext Transfer Protocol) is a protocol that allows a web browser to send a request to aweb hostingserver, as well as receive a response.
HTTPS (or Hypertext Transfer Protocol Secure) is the younger, more secure cousin of HTTP. It performs the same function, but uses TLS/SSL encryption to secure requests and responses, instead of sending information in plaintext.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Google has long been a proponent of HTTPS and has put in place a number of mechanisms to accelerate the transition to the newer protocol.
Chrome is already configured to upgrade full HTTP URLs typed into the browser to HTTPS whenever possible and also alerts users that are about to submit login credentials or credit card details on HTTP web pages.
The browser also blocks downloads from HTTP sources that sit underneath an HTTPS page, which prevents malicious actors from tricking victims into believing a download is coming from a secure source.
With Chrome 90, Google will patch up one of the few remaining avenues by which users might accidentally land on a less secure HTTP webpage.
Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He’s responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.
7 myths about email security everyone should stop believing
Best Usenet client of 2024
Arcane season 2 finally gave us the huge Caitlyn and Vi moment we’ve been waiting for – and its creators say ‘we couldn’t have done it in season one’
