What you need to know
- Google is now working on making HTTPS the default protocol when you connect to a website using Chrome.
- The browser currently defaults to using the HTTP version of websites if the protocol is not specified.
- Google's issue tracker website shows the company is now working on changing this default behavior.
If you pay attention to the URLs of the websites you visit, you might have noticed that they always start with either http:// or https://. These denote the transfer protocol through which data is sent from a given website to your browser, with the latter of the two being the more secure version (the 'S' stands for Secure).
When you're browsing the web, you most probably just type androidcentral.com into the URL bar and click enter. While that's far more convenient than typing out the whole https://androidcentral.com, omitting the protocol leaves it up to the browser to choose one.
As it stands, if the user does not explicitly specify the protocol on their first visit to a website, Google's Chrome browser defaults to using the HTTP protocol. If the website also has an HTTPS version, it'll then redirect you to the more secure version. Every time you visit the website in the future, Chrome will then remember that a secure version is available and automatically take you to it.
However, the fact that the less secure HTTP protocol is still the default for what is the most popular browser around is obviously a problem and, as the folks at 9to5Google discovered, the company is finally looking to fix this.
New commits to the Chromium Gerrit and the Chromium bugs tracker show that Google's engineers are now working on adding an experimental flag to the browser that'll set the HTTPS protocol as the default if the user doesn't specify the protocol within the URL itself.
The browser will then keep trying to connect to the website using HTTPS for either 3 or 10 seconds before giving up and trying the less secure HTTP version.
The feature is, of course, still under development so it'll probably be a while before it rolls out to the general public, but it's still nice to see Google finally fixing what is an obvious problem for its browser — especially when other browsers like Brave have fixed this already.