Continued: Google Chrome To Bar HTTP File DownloadsFile downloads like images or executables may not be delivered over HTTPS – even if they are available from an HTTPS website.
Google Chrome will soon restrict certain files, like PDFs or executables, from being downloaded via an HTTP connection – even if they are loaded on HTTPS webpages.
HTTPS indicates that a website has an encrypted connection. When connecting to an HTTP website, browsers merely look up the IP address and send data over to it in clear text. When using an HTTPS website, on the other hand, the browser checks that it has a legitimate SSL certificate before sending data in encrypted form – preventing man-in-the-middle (MiTM) attacks and more.
With Chrome 68’s 2018 release, Google started to label HTTP websites with an “insecure” warning label in the navigation bar. However, just because websites use an HTTPS connection does not guarantee that they are safe from all threats. For example, phishing landing pages can easily make use of SSL certificates (and many do). Similarly, HTTPS websites can still serve up images, scripts or other file types that are downloaded using the less-secure HTTP connection...
February 7, 2020
Got your site(s) ready for this?