Chrome finally kills off the HTTP-HTTPS “mixed content” warning

In the new version of Chrome, which should be rolling out to everyone today, the "mixed content" warning—that mysterious little yellow "caution triangle" in the address bar—will finally be removed. Instead, sites with a mix of HTTP and HTTPS content will show a normal, grey piece of paper, as if it's a regular HTTP-only website.

According to Google, this change is intended to "encourage site operators to switch to HTTPS sooner rather than later." The problem is, it's almost impossible to switch completely from HTTP to HTTPS in one fell swoop—there are just too many factors that need to be tested and debugged. At the same time, webmasters weren't keen to begin the migration process to HTTPS because of that pesky mixed content warning, which had a tendency to spook less-experienced users of the Information Superhighway. This was far from an optimal solution, according to Google: "During this [migration] process the site may not be fully secured, but it will usually not be less secure than before."

As a result, in Chrome 46 (on desktop PCs, at least), there will be just three security states: a green padlock (full HTTPS), a red padlock (broken HTTPS), and a grey piece of paper (HTTP). "We’ve come to understand that our yellow “caution triangle” badge can be confusing when compared to the HTTP page icon, and we believe that it is better not to emphasize the difference in security between these two states to most users," says a Google blog post.

Read 3 remaining paragraphs | Comments