Google Chrome will block non-secure HTTP downloads

Google Chrome developers have announced blocking of ‘mixed content downloads’ (when files on HTTP links are downloaded on HTTPS pages). This step is in line with Chrome’s earlier approach, blocking all non-secure resources on HTTPS pages.

Files downloaded via HTTP links threaten the privacy and security of users. As a first step, Chrome developers want to block HTTP downloads on HTTPS pages.

Beginning with Chrome 82, due out in April 2020, warnings about non-secure downloads will appear in the browser. Initially, this rule will only apply to executable files, but then other types of files will fall under it.

The following image shows Chrome developers’ plans to block HTTP downloads:

Full blocking of all HTTP downloads should appear in Chrome 86, which is scheduled for release in October 2020.

Corporate clients and various educational projects can disable download blocking for each site on an individual basis using the InsecureContentAllowedForUrls policy.

Subscribe to our updates to stay up to date with the latest SSL news!