Google Chrome is reportedly getting an ‘HTTPS-only mode’ soon. The new feature for the Chrome Web browser, once switched on, will automatically “upgrade” any website with the HTTP protocol to the HTTPS protocol, if it is available. Chrome already defaults to using HTTPS protocol if a protocol isn’t specified. The ‘HTTPS-only mode’ is reportedly still under testing and is expected to release when Chrome 93 or Chrome 94 rolls out. HTTP stands for HyperText Transfer Protocol and the addition of S symbolises secure browsing.
According to a report by 9to5Google, Google is currently testing the new ‘HTTPS-only mode’ for its Chrome browser. The publication spotted the code for the ‘HTTPS-only mode’ on the Chromium Gerrit website. Like most new features for Chrome, Google has hidden it behind a flag in chrome://settings/security. When this secure browsing mode arrives — with Chrome 93 or 94 — it is expected to be available on Chrome for Web, Android, and Chrome OS.
Once activated, the ‘HTTPS-only mode’ will appear on the Security page in Chrome. Users will be able to find it under Settings > Security > Advanced menu. It will appear as ‘Always use secure connections to activate the secure browsing mode’. By default, the setting would be turned off.
As mentioned, if a user decides to turn on the ‘HTTPS-only mode,’ Chrome will automatically “upgrade” websites from HTTP to HTTPS protocol. Chrome, by default, uses the HTTPS protocol unless mentioned otherwise by a user. However, the new HTTPS-only mode is limited to links that a user may click on while browsing or when a user manually enters the HTTP protocol.
If a particular website doesn’t have an HTTPS version — in cases where the website is outdated or the mode has been specifically disabled — Chrome will show an interstitial warning page before going back to the HTTP version of the website.
It is speculated that this setting will only inform users that the website they intend to browse is not available in HTTPS protocol, so users would need to bypass it in order to access it. Also, any site that has already been bypassed the ‘HTTPS-only mode’ will be saved by Chrome automatically.