As more and more websites deploy HTTPS, Google Chrome will soon introduce a new security measure: blocking the download of HTTP-linked files.
In the past, only data-sensitive websites like banks used HTTPS encryption to ensure security, but now HTTPS has become the standard for most websites.
When users access HTTP sites in Google Chrome, they are automatically marked as “insecure”. And Google is planning to expand the protection, with an experimental “Block insecure downloads” flag in effect that will block Chrome by default if a user tries to download an HTTP-linked file.
The experimental flag reads.
"Block insecure downloads When enabled, blocks insecure downloads. If a user tries to download a file via an insecure transfer (such as HTTP), or via an insecure redirect, the page will display a "blocked" message."
The feature is expected to undergo more extensive testing before it goes live, and will likely be officially introduced in Chrome 111, which will be released next March.
