From Chrome 83 Onwards, Google Will Block Some HTTP File Downloads
Restrictions on Mixed Content – Google Won’t Allow You to Download Some Files via HTTP
Many might not know, but earlier in April 2019, Google has shown a concern to prevent cybersecurity threats, for that Google engineers even shared their willingness to block some of the HTTP files which are downloaded through the HTTPS URL.
Now, Google has announced it officially for bringing its plan to fruition by moving ahead and will make changes to the upcoming versions of the Google Chrome browser accordingly. Though, it doesn’t mean that all HTTP downloads will be banned at least not at once.
Another thing addressed by the browser maker earlier was Google doesn’t intend to block any HTTP download coming from HTTP sites. Also, Google Chrome is already warning its users regarding the site’s security issue by showing the “Not Secure” warning in its URL bar.
Here’s What Google Will Start Blocking
The main reason is to block these insecure downloads through sites that appear to be secured and loaded through HTTPS, but in reality, these downloads come from HTTP. And Google is trying to stop this because the presence of HTTPS (SSL/TLS Certificate) tricks users into believing that their download is also through HTTPS, but it’s not always the case.
Chrome’s New Change
In Released Chrome 81:
- Chrome has started showing a console message warning regarding downloads of mixed content.
From Chrome 82 (Which Was About to Release in April 2020, but It’ll Be Skipped):
- Chrome was about to block executable files that come under mixed content
From Chrome 83 (Expected to Be Released on June 2020):
- Chrome will start blocking some executable files that come under mixed content
- Chrome will warn users on archives (.zip) and disk images (.iso) files that come across as a mixed content
From Chrome 84 (Expected to Be Released on August 2020):
- Chrome will completely block executable, archives, and disk image files.
- Chrome will start warning regarding image, audio, video, and text formats that come across as mixed content downloads.
From Chrome 85 (Expected to Be Released in September 2020):
- Chrome browser will warn users for downloads of all the images, audio, video, and text which come across as mixed content.
- Other files which come under mixed content will be blocked and cannot be downloaded.
From Chrome 86 and Onwards (Expected to Be Seen in October 2020):
- All mixed content will be blocked and fail to download.
Google Chrome: Why Sudden Mixed Content Restrictions
Furthermore, Google has also addressed that in some circumstances such as intranets, HTTP downloads do not carry higher risk. For these types of situations, Google has its Google Chrome policy (InsecureContentAllowedForUrls), which allows you HTTP downloads within the controlled environments.
Also, Webmasters, who’re looking to test whether their websites comply with this new policy, can do it via the latest Google Chrome Canary, the testing version of Chrome. For that, all you need to do is enable the Chrome flag: chrome://flags/#treat-unsafe-downloads-as-active-content
- Fix ERR_CONNECTION_CLOSED Error on Google Chrome
- Fix NET::ERR_CERT_AUTHORITY_INVALID Error on Google Chrome
- Fix ERR_CONNECTION_REFUSED in Google Chrome
- Fix Err Connection Timed Out Error in Chrome
- Google Chrome Will Mark All HTTP Pages as “Not Secure” From July 2018
- View SSL Certificate Information in Latest Google Chrome
- Quick Steps to Fix Google Chrome SSL Certificate Errors