Security News > 2020 > February > Google Chrome To Bar HTTP File Downloads
Google Chrome will soon restrict certain files, like PDFs or executables, from being downloaded via an HTTP connection, if they are loaded on HTTPS webpages.
With Chrome 68's 2018 release, Google started to label HTTP websites with an "Insecure" warning label in the navigation bar.
Starting in Chrome 82, set to be released in April, Google wants to uproot this issue by first warning users of, and later blocking, "Mixed content downloads," over HTTP, which could consist of HTTP executables, archives, multimedia files and all other "Non-safe" types.
Starting with Chrome 82, Google Chrome will first merely warn users if they are downloading executables using an HTTP connection - then, with Chrome 83 the browser will begin to block them.
Google also said that in the current version of Chrome Canary and in Chrome 81, developers can activate a warning on all mixed content downloads for testing by enabling the "Treat risky downloads over insecure connections as active mixed content" flag at.
News URL
https://threatpost.com/google-chrome-to-bar-http-file-downloads/152674/
Related news
- New details reveal how hackers hijacked 35 Google Chrome extensions (source)
- Google Chrome is making it easier to share specific parts of long PDFs (source)
- Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking (source)
- Google Chrome's AI-powered security feature rolls out to everyone (source)
- Google Chrome disables uBlock Origin for some in Manifest v3 rollout (source)
- Google to kill Chrome Sync on older Chrome browser versions (source)