Google’s roadmap to the end of the non-HTTPS web in Chrome

The latest update to the Chrome browser took another step forward towards creating a more secure web experience for users by forcing audio and video to use HTTPS connections or else be blocked. In ongoing efforts to protect users from unsafe downloads, Google’s developers have now laid the groundwork that will eventually result in non-secure downloads being blocked entirely by Chrome.

On Thursday, Google’s online security blog published the roadmap that will begin the work with the release of Chrome 81 around the third week of March 2020. The first step will include will apply to executable files. Downloading an .exe file from a non-HTTPS source (this is referred to as mixed content when the page is secure but the download source is not) will result in a console warning behind the scenes in Chrome. As of April, when Chrome 82 is released, a warning notification will prompt users that they are downloading the executable from a non-secure source.

The efforts to block non-secure downloads will expand from there with executables being blocked by default in Chrome 83 and other unsecured file types being added to the warning list through subsequent releases. This will end with the release of Chrome 86 in October at which point any and all mixed content downloads will be blocked.