The difference between HTTPS and HTTP web protocols is now widely known, and for those who do not have an idea, the former is more secure and sends information in an encrypted form, while the other is an indication that the website you visit Going can not be so safe. Today, most websites load over HTTPS, but there are still some websites that provide mixed content. This means that some HTTPS sites load additional content such as images, video, and audio over an insecure HTTP network. Google also wants to end this practice, and it wants to initiate the transition to block content mixed with Chrome 79.
Chrome 79 to start blocking unsafe content
In Chrome 79, Google will begin work to block all mixed content on HTTPS websites by providing an option to unlock content on specific sites. This can be done by going to the settings found in the lock icon next to the HTTPS link in the address bar.
Exploring the need to block mixed content, Google wrote in its blog, “Browsers block many types of mixed content by default, such as scripts and iframes, but images, audio and video still load Are allowed to do so, threatening users’ privacy and security. For example, an attacker may tamper with a mixed image of a stock chart to mislead investors, or inject a tracking resource into a mixed resource load. Loading mixed content also confuses browser security UX, where the page is presented as neither secure nor insecure.
Chrome 79 will roll out in December this year. Google will begin blocking audio and video resources mixed with Chrome 80 which users should release in January next year. Users can unblock affected audio and video resources by going to Settings. For mixed images, they will be allowed to load, but Chrome will then show the “Not Secure” chip in the omnibox. With the February 2020 release of Chrome 81, Google plans to block mixed images by default.
Google is asking developers to immediately move their composite content to HTTPS to avoid warnings and breakdowns. It has outlined some ways to do this in its blog post.