Google is developing a new Chrome feature that will automatically redirect visitors away from insecure websites that are still utilising HTTP. Instead of HTTP, users will be routed to sites that employ HTTPS. Google has long advocated using HTTPS, and its Chrome browser has been labelling all HTTP sites as "not secure" since 2018.
Google began warning users about insecure forms on HTTPS sites with the introduction of Chrome 86 last year, in order to protect users from submitting critical information such as banking information. Google is preparing to add a "HTTPS-Only Mode" to Chrome, according to a new post on the Chromium Gerrit website.
Once Google Chrome supports HTTPS-Only Mode, a new toggle to "Always utilise secure connections" will be added to Chrome's security settings under the "Advanced" tab. If you enable this setting, Google will update "all navigations to HTTPS" and alert you before loading any website that does not support it.
HTTPS-Only Mode Setting is described as “a setting under chrome:/settings/security to opt-in to HTTPS-Only Mode. — Mac, Windows, Linux, Chrome OS, Android” in the new code.
This HTTPS-Only Mode will be toggled off (disabled) by default, although Chrome will already use HTTPS if you do not type http:// or https:// in the address bar when entering a website's URL.
If an HTTPS version of the website you're looking for isn't available for some reason, Chrom will display a warning page before using the HTTP version. Google will remember which sites you allow to bypass HTTPS-Only Mode, so Chrome will not prompt you or warn you again the next time you visit them.
Most new Chrome features, this new mode will initially be hidden behind a flag in chrome://flags. This HTTPS-Only Mode for Google Chrome is currently under development and in all probability will roll out till Chrome version 93 or 94 are rolled out. Chrome 93 is scheduled to release in August and Chrome 94 is expected in September.
