Google Chrome will default to HTTPS for incomplete URLs on Android and desktop

 

Google Chrome would previously load a domain via HTTP by default the moment you typed an incomplete URL (say, neowin.net) into the omnibox. This has been long in practice for those of us who didn’t have the luxury of time to type the entire URL with the proper protocol.

That’s changing soon with a new update that Google is rolling out as part of Chrome 90. The Mountain View-based company announced today that Chrome will use the more secure HTTPS by default when you type a URL without specifying a protocol in the omnibox, assuming the site you’re visiting already supports HTTPS. The new default will apply to the browser’s desktop and Android versions. It is also rolling out to Chrome on iOS soon.

If a site doesn’t support HTTPS yet, the browser will switch to HTTP instead. This will also occur in the event of certificate errors or connection issues. This protocol encrypts any information transmitted over a network to fend off potential attacks. Of course, Google will still alert you to the risks of visiting HTTP websites.

In addition to security, the latest change will also reduce load times as it bypasses a redirect from HTTP to HTTPS on some websites that already support the HTTPS protocol. Google has long been pushing for HTTPS as the default protocol for data transmission. With the release of Chrome 90, Google is trying to address one of the remaining loopholes through which you may accidentally open an insecure domain.