The now widespread adoption of HTTPS it is partly due also to Google, which over time has relied on the popularity of Chrome to bring webmasters and online platform managers to use the protocol by progressively abandoning the less secure HTTP. Today the Mountain View group announces a new initiative pointing in the same direction.
Chrome: via unsafe content from HTTPS pages
Starting next year on browser will start to block the display of contents deemed unsafe within the HTTPS pages. The reference is not only to videos or other multimedia elements, but also to scripts, iframes and portions of code that could implement malicious behavior, endangering the user, his device and the information contained therein. Currently, this type of mixed content it is not labeled as "Not safe" by Chrome and therefore could be a tool in the hands of cyber criminals. Here is the reason for what is announced today by bigG.
In any case it will not be an immediate measure: we will start with the version 79 to debut in its edition stable in December and that will offer users the possibility to allow the uploading of these contents in the websites they consider safe. They can do so by clicking on the padlock icon shown in the address bar and then selecting "Site Settings". By doing this everyone will be able to create a kind of whitelist in view of the changes that will be introduced later.
With the release 80 of the software, which is expected to be released in January 2020 within the Dev channel, the "Not Safe" warning will be shown during navigation. With the'edition 81 which will arrive the following month the browser will try to load the HTTP contents in HTTPS, blocking the display in the event that the attempt should not be successful.