Google reveals its plans to automatically block unsecured content on encrypted HTTPS pages by default, in a gradual roll out…
Encrypted, HTTPS pages have largely replaced unsecured HTTP pages as the default choice for sending resources over the web. The big difference is the former is secure, while the latter has no such protection.
Google Chrome to Block Unsecured Content on HTTPS Pages
Now, Google says it plans to tackle mixed content. That is, using various resources, such as images, audio, and video, through HTTP on otherwise, secured HTTPS pages.
Google will start the practice with the release of Chrome version 79. The search giant will begin gradually blocking mixed content. With version 80, Google will block mixed audio and video by default.
Google writes on its official Chromium Blog:
“…we’re announcing that Chrome will gradually start ensuring that https:// pages can only load secure https:// subresources. In a series of steps outlined below, we’ll start blocking mixed content (insecure http:// subresources on https:// pages) by default. This change will improve user privacy and security on the web, and present a clearer browser security UX to users.”