Chrome 76: no more https or www in address bar

oldschool

Level 81
Thread author
Verified
Top Poster
Well-known
Mar 29, 2018
7,043
Here’s a new instance of Google’s continuing efforts to dumb down the web and keep users in the dark!


Google Chrome users who upgraded the stable version of the web browser to the recently released Chrome 76 version may have noticed that Chrome does not display https or www anymore in the browser's address bar.
Google made the change in 2018 for the first time when it released Chrome 69 but had to undo it after user outcry over the removed feature. Back then, Google decided to remove what it called trivial subdomains like www. or m. to display only the root domain in the address bar; this lead to issues on sites that supported several of the trival subdomains as it was no longer possible to look at the address to verify the active site.
Google called these subdomains trivial because it believed that most Internet users would not require the information.
Google did state back then that it would remove certain trivial subdomains again at a later point in time. It appears that the time has come, as Chrome 76 hides the www part of the domain name and the https:// protocol information from its address bar.


You may wonder why Google decided to make the change. Google engineer Emily Schechter revealed Google's intention on the official Chromium bug page.
The Chrome team values the simplicity, usability, and security of UI surfaces. To make URLs easier to read and understand, and to remove distractions from the registrable domain, we will hide URL components that are irrelevant to most Chrome users. We plan to hide “https” scheme and special-case subdomain “www” in Chrome omnibox on desktop and Android in M76.
According to the post, Google believes that certain parts of the URL are distracting and irrelevant to most Chrome users.
Chrome users need to click twice in the URL bar to display the full address of the page. It is unclear why Google believes that clicking twice and not once is right when it comes to that but that is far from the only issue that users may experience once they upgrade to Chrome 76.
Users who try to copy just the domain part of an address will notice that Chrome adds the protocol and www. if used to the copied address automatically. There is no option to prevent this from happening right now; users who just want the domain need to process the copied text before they may use it as intended.
Another issue that users may run into is when a site uses www exclusively. Chrome displays the domain without www only and some users may try to load the domain without www as a consequence in the future. If there is no redirect, Chrome will display a 404 not found error instead.

It is too early to tell if companies who use Chromium as the source for browsers will follow Google's lead. Browsers like Microsoft Edge, Opera, Brave, or Vivaldi all use Chromium and if developers don't make changes to the source code, will follow Chrome in displaying less information in the address bar.
Chrome 76 supports two experimental flags currently that reverts the change. These flags will be removed eventually from Chrome, however.
  1. Load chrome://flags/#omnibox-ui-hide-steady-state-url-scheme and set the state to Disabled to always display the URL scheme, e.g. HTTPS, in the Chrome address bar.
  2. Load chrome://flags/#omnibox-ui-hide-steady-state-url-trivial-subdomains and set the state to disabled to display trivial subdomains all the time.
  3. Restart Google Chrome.
Closing Words
As far as I'm concerned, I prefer if browser's display all information and both the protocol and the www subdomain are vital parts of the address and should not be hidden; especially so if the hiding may lead to confusion or problems.
Google seems intent to go forward with the change on desktop and on Android. Unless there is an equally large outcry about the change, it is unlikely that Google will revert it for a second time.
I think that Google is just starting with pushing certain changes in Chrome and most of the web, and not all of them are in the best interest of Internet users.




 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Unless you're blind, then most won't have a problem.

Default Chrome - No HTTPS shows as Not Secure (INFORMATION)
1564763382709.png


And if using (chrome://flags/#enable-mark-http-as) set to Mark as Dangerous (TRIANGLE Warning)
1564763156674.png


Default Chrome - If Yes HTTPS (PADLOCK)
1564763191363.png
 
L

Local Host

They won't do that, they're not stupid like the average Google userbase.
Considering www.site.com is not the same as site.com, yes they are stupid.

Even though some websites have redirects for the proper domain, the same is not true for every website (especially on private domains in local networks), which comes with the complaint,
Chrome displays the domain without www only and some users may try to load the domain without www as a consequence in the future. If there is no redirect, Chrome will display a 404 not found error instead.
I'll be giving feedback to Microsoft, to avoid that nonsense on Edge.
 
Last edited:

DeepWeb

Level 25
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
I have these things disabled on desktop! But I have them enabled on my mobile browser because looking at https://www is really annoying when you have little screen space. I also set the flag to show my search query in the omnibox instead of the loooong search url nobody understands. I don't mind them simplifying the text. What I would mind is that it's so difficult in Chrome to see what type of certificate and TLS protocol is being used. You have to go all the way into Inspect Element and find the hidden security tab. It's ridiculous. You used to be able to see it just by clicking the lock icon.
 

SeriousHoax

Level 47
Well-known
Mar 16, 2019
3,630
I have these things disabled on desktop! But I have them enabled on my mobile browser because looking at https://www is really annoying when you have little screen space. I also set the flag to show my search query in the omnibox instead of the loooong search url nobody understands. I don't mind them simplifying the text. What I would mind is that it's so difficult in Chrome to see what type of certificate and TLS protocol is being used. You have to go all the way into Inspect Element and find the hidden security tab. It's ridiculous. You used to be able to see it just by clicking the lock icon.
They are also removing subdomains from the address bar. That makes no sense. If they think people don't look at the address bar then why bother changing? They are failing to back up their own reasoning.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top