To fight against fraudsters and computer viruses intensifies; Google Chrome has revealed an additional feature to restrict downloads from non-HTTPS domains. The primary goal of the new Google Chrome block insecure files creation is to alleviate some uncertainty and complacency among internet users. There is evidence that some users are misled into believing that all downloads from HTTPS websites are secure. The content might be on an HTTP site, exposing it to security issues.
HTTPS vs HTTP
The major distinction between HTTP and HTTPS is the SSL certificate. The HTTPS protocol in Google Chrome is an upgraded HTTP protocol that includes a security element. This extra security element is required for websites that transfer sensitive data, such as credit card information. The SSL protocol secures the HTTPS protocol. The SSL protocol encrypts the data sent by the client to the server.
The primary distinction between HTTP and HTTPS is that if someone tries to steal the information being transferred between the client and the server, they will be unable to do so owing to encryption. HTTP does not have SSL, but HTTPS includes SSL, which allows for secure communication between the client and the server.
How should you prepare for the Google Chrome block insecure files feature?
Google Chrome make hard to download insecure files; the error indicates that you do not have the authorization to download the file. Contact the website or server owner to resolve the issue, or look for the file on another website. Go to the website where the file is hosted to resolve this. Contact your hosting provider or website developer to ensure that HTTPS domains protect your files.
Suppose developers enable the “Treat hazardous downloads via unsecured connections as active mixed content”. In that case, they may test mixed content downloads in the current version of Chrome Canary or Chrome 81 whenever it is released.
The Security Option is under development
Google has made great strides in making HTTP webpages less appealing to visitors. Since Google Chrome 94, the web browser has shown a full-page warning when you visit an unsecured website. This is in addition to the “not secure” indication in the address bar when visiting a non-HTTPS website. Google Chrome added the “Always use secure connections” option. Google is currently working on extending the same level of security to HTTP-based downloads.
When that capability is enabled, it will attempt to change your connection to the HTTPS website if you were previously on its HTTP version, much like many of the best web browsers. It’s worth noting that Google Chrome already protects against malicious downloads. Now, Google Chrome make it hard to download insecure files; online forms are automatically blocked, even if they come from an HTTPS domain. When you click a download link, you are sent to an insecure HTTP server.
With the upcoming capability, Google Chrome will prohibit all downloads from non-HTTPS sites. Assume that you are willing to incur risks to collect the required content. In such an instance, 9to5 notes that you can still get past the block, so it’s more of a security warning than a guarantee against dangerous downloads.
Can you avoid the new non-HTTPS download restriction?
After the ban goes operational, there will be times when internet users will need to download stuff from an HTTP site. This might be content from intranet pages or instructional websites, for example. Google recognized this and developed “InsecureContentAllowedForUrls,” a method that allows HTTP downloads to escape the barrier.
A staged approach to preventing dangerous downloads
Google Chrome block insecure files preventing hazardous downloads in stages, which we shall discuss presently:
- Chrome 81: It displays a console notice to all web admins and users regarding all downloads containing mixed material.
- Chrome 82: It warns against executable files and a console warning for all other file types.
- Chrome 83: This edition began to prohibit executable files. Chrome will refuse to download executable files containing mixed content. It will alert users about archive files with mixed content while continuing console warnings for other file types.
- Chrome 84: Beginning in August 2020, Google Chrome also blocked archives and disc images. Mixed content downloads, such as pdf and MS Office documents, will generate warnings. Console warnings for mixed material (videos, music, text, and photos) are not shown.
- Chrome 85: In line with its stage-by-stage banning of dangerous downloads, Chrome 85 released in September 2020, barring all file kinds except text, audio files, videos, and photos. Displaying a console warning for these files.
- Chrome 86: It stopped any dangerous mixed material downloads. Came into existence in October 2020.
How to allow downloads when Google Chrome block insecure files?
Follow the following steps if Google Chrome make it hard to download insecure files:
- Open the Downloads folder on your computer or wherever the download file is stored.
- Select the file by right-clicking it.
- Choose Properties from the drop-down option.
- Navigate to the General tab and look for Unblock under Security.
- Check the box and then press the Apply button.
To save your changes, click OK.