We may not like everything Google plans for the browser and the open web (FLOC, Manifest v3 and Chromium’s dominance will come to mind), but there’s one thing everyone can agree on: Being safe online is always important. Google and other browser manufacturers have long pushed webhosts and website owners to use the encrypted, more secure HTTPS standard over HTTP, and they have already managed to gain more than 90% of regularly visited websites. To get the rest of it, Google wants to make HTTP sites an even less appealing place to visit starting with Chrome 94, estimated to arrive in September.
As a refresher, HTTPS is an extension of standard HTTP (Hypertext Transfer Protocol) and adds encryption to the equation. This means that communication with a website is encrypted during transport, which protects you from curious sniffers in your network who want to listen to your passwords or other interactions you make on a website. Surfing the web in public networks is much safer when you visit HTTPS sites, for example.
Chrome 94 will offer an optional opt-in HTTPS first mode trying to upgrade all HTTPS connections by default. If a site does not support the standard, it will display a full page warning for connection, which gives you the chance to interrupt the process if you do not want to connect without encryption. Google wants to make this HTTPS first mode standard at some point in the future for everyone, and Mozilla is planning a similar move with its only HTTPS mode, first introduced in Firefox 83.
While it’s running, Google is also examining the lock icon in the address bar that shows an HTTPS connection. It turns out that most people think that the lock icon means that a website in itself is reliable, even if only the connection is secure. Therefore, the company wants to test a new look for website information in Chrome 93 with a few users, and turn the lock to an arrow pointing down. Google hopes that it encourages more people to interact with it, and helps them learn more about connection status. HTTP sites without encryption will continue to display the “Insecure” indicator.
Google and Mozilla are definitely moving in the right direction here. The sooner all websites are upgraded to HTTPS, the better. While the standard may not be necessary for browsers such as just from some restaurants or other small businesses, it is still good practice and is one of many elements that protect visitors’ privacy and security.
Chrome 94 will debut in the stable channel in September. If you want to get your hands on the past, keep an eye out for the next few Chrome Canary (APK Mirror) updates. Version 94 should soon be available there.