Security News > 2020 > February > Google Chrome To Bar HTTP File Downloads
Google Chrome will soon restrict certain files, like PDFs or executables, from being downloaded via an HTTP connection, if they are loaded on HTTPS webpages.
With Chrome 68's 2018 release, Google started to label HTTP websites with an "Insecure" warning label in the navigation bar.
Starting in Chrome 82, set to be released in April, Google wants to uproot this issue by first warning users of, and later blocking, "Mixed content downloads," over HTTP, which could consist of HTTP executables, archives, multimedia files and all other "Non-safe" types.
Starting with Chrome 82, Google Chrome will first merely warn users if they are downloading executables using an HTTP connection - then, with Chrome 83 the browser will begin to block them.
Google also said that in the current version of Chrome Canary and in Chrome 81, developers can activate a warning on all mixed content downloads for testing by enabling the "Treat risky downloads over insecure connections as active mixed content" flag at.
News URL
https://threatpost.com/google-chrome-to-bar-http-file-downloads/152674/
Related news
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- How to enable Safe Browsing in Google Chrome on Android (source)
- Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices (source)
- New tool bypasses Google Chrome’s new cookie encryption system (source)
- Google to let businesses create curated Chrome Web Stores for extensions (source)
- Google says “Enhanced protection” feature in Chrome now uses AI (source)