HTTPS has largely replaced its less secure predecessor HTTP as the default choice for sending resources over the internet. The key difference between the two is that HTTPS transmits data using an encrypted connection, while data loaded over HTTP is not. Google began marking all sites still utilizing HTTP connections as ‘Not Secure’ with the release of Chrome 68 last year, and today, Google announced additional plans to inform users when sites utilize an insecure connection. With these latest changes, the Chrome team hopes to address the problem of mixed content.

Mixed content refers to the practice of insecurely loading additional resources (images, audio, and video, for example) over HTTP on an otherwise HTTPS site. Beginning with Chrome 79, mixed content will be blocked gradually in order to give sites time to make necessary changes. The first of these changes in Chrome 79 will be a new setting that will allow users to unblock mixed content on a particular site. This setting can be found by clicking the lock icon found next to the address of an HTTPS site.

Mixed audio and video resources will be blocked by default in Chrome 80 if they can not be loaded over HTTPS. This content can be selectively unblocked using the previously described settings menu. Mixed images will also be effected in Chrome 80. They will still load, but will now cause a “Not secure” message to appear in the address bar. However, this grace period for images will end with Chrome 81 where all mixed content will be blocked by default. Chrome 81 will begin rolling out in February 2020.