December 9, 2023

Chrome browser version 90 will arrives in mid-April, initial website visits will default to a secure HTTPS connection in the event the user has failed to specify a preferred URI scheme. when a user types “www.example.com” into Chrome’s omnibox, without either an “http://” or “https:// prefix,” Chrome chooses “http://.” The same is true in other browsers like Brave, Edge, Mozilla, and Safari.

This made sense in the past when most websites had not implemented support for HTTPS. 2 years back the majority of websites redirected traffic to HTTPS. But these days, most of the web pages loaded rely on secure transport in which most of them are Https

Previously, only websites that declared they should be loaded securely with an entry on an HTTP Strict Transport Security (HSTS) preload list – supported in multiple browsers – got HTTPS automatically.

Chrome 90 will make HTTPS the default for first time website visits where no transport has been declared. Beyond the security and privacy benefits, this will improve performance since the delay incurred by redirection from an http:// endpoint to an https:// endpoint will no longer happen.

Tags:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Related Post

Chrome Tailgates IE fix 0 Day

June 10, 2021

Google now let you Untrusted Extension

June 6, 2021

You may have missed

Apache Struts fixes Critical Vulnerability – CVE-2023-50164

December 8, 2023

Meta enables Messenger with E2EE by Default

December 8, 2023 2

CISA KEV Update Part II – December 2023

December 7, 2023

Atlassian fixes critical RCE vulnerabilities in its products

December 6, 2023

Microsoft Echo’s on APT 28 exploiting CVE-2023-23397

December 5, 2023

Papercut Privilege Escalation Vulnerability Unearthed

December 5, 2023
%d