Chrome plans to make HTTPS the default when a user types an address

[silversurfer]

Google plans to introduce functionality in the company's Chrome web browser to make HTTPS the default.

A recent Chromium commit, spotted by Windows Latest, confirms the plan.

Default typed omnibox navigations to HTTPS: Initial implementation
Presently, when a user types a domain name in the omnibox such as "example.com", Chrome navigations to the HTTP version of the site (Example Domain). However, the web is increasingly moving towards HTTPS, and we now want to optimize omnibox navigations and first-load performance for HTTPS, rather than HTTP.

The initial version of the implementation is just a first step according to Google. It will modify code so that omnibox and auto-complete codes use HTTPS as the default. Google calls this "upgraded HTTPS navigations".

Chrome will fall back to HTTP if HTTPS is not supported by the site in question. SSL errors are ignored by Chrome if the HTTPS connection fails provided that it was part of an HTTPS upgrade.

The current implementation is not ready for general use according to Google. One shortcoming is that it waits for the HTTPS connection to load or to fail before trying HTTP. Future versions will cancel the load automatically to try HTTP connections.

The feature will be implemented in Chromium and it will, as such, become part of other Chromium-based web browsers such as Vivaldi, Microsoft Edge, Opera or Brave as well.

Google did not reveal performance information; it seems unlikely that users will notice a positive effect but it is quite possible that HTTP sites may load slower, at least initially because of the change.

Chrome will soon try HTTPS first when a user types an address in the browser - gHacks Tech News

Google plans to introduce a change in the company's Chrome browser that switches the browser's connection logic from HTTP to HTTPS.

www.ghacks.net

 

[HarborFront]

So, extensions like HTTPS Everywhere, Smart HTTPS etc will be gone. The auto upgrade to HTTPS feature in Brave browser now will also have to go since Chromium will have this built-in feature

 

[Gandalf_The_Grey]

So, extensions like HTTPS Everywhere, Smart HTTPS etc will be gone. The auto upgrade to HTTPS feature in Brave browser now will also have to go since Chromium will have this built-in feature

That is a good thing?

 

[Stas]

Already using HTTPS-only mode in Firefox

 

[HarborFront]

That is a good thing?

I think it should be good provided it’s being properly implemented. Issues like how to handle HTTPS sites with 'Insecure' marking due to mixed content, how to whitelist HTTP sites which you want/bookmark and not being blocked to open to be treated as 'Secure' sites etc

 

[HarborFront]

Already using HTTPS-only mode in Firefox

HTTPS-only mode in FF is just like Smart HTTPS i.e. it forces a HTTP site to upgrade to HTTPS site. If cannot, then it falls back to a HTTP site and warn you as such. Of course, Smart HTTPS also comes with a whitelist feature for you to whitelist those HTTP sites you want. I think the new feature in Chrome (and Chromium) works on this method.

HTTPS Everywhere works a bit differently i.e. it's based on a whitelist of sites. If your HTTP site is on the whitelist then it'll be auto upgraded to the HTTPS site. If not then it stays as a HTTP site. It also has a feature to handle mixed content in a webpage. If Chrome(and Chromium) works on the above method then likely it'll not handle mixed content (eg. images) in the webpage which can present as insecure elements i.e. the website is a HTTPS site with 'Insecure' marking

 

[ForgottenSeer 85179]

That is a good thing?

yes, as only browser standards can cause changes to web pages