Google announced it will warn Chrome users before loading public HTTP sites. The rollout starts in April 2026 and reaches all users in October 2026.
Chrome To Warn Users Before Loading HTTP Sites Starting Next Year
Chrome will enable "Always Use Secure Connections" by default in October 2026. The setting automatically attempts to upgrade navigations to HTTPS. If HTTPS is unavailable, Chrome will show a bypassable warning before loading a public HTTP site.
Google said the warnings will not apply to private sites. Exclusions include local IP addresses, single-label hostnames, and internal shortlinks. These categories are treated separately from public websites.
Key Details
Google will stage the rollout in two phases aligned with Chrome release milestones:
- Chrome 147 - Enables the feature for Enhanced Safe Browsing users in April 2026.
- Chrome 154 - Enables the feature by default for all users in October 2026.
- The feature name is "Always Use Secure Connections."
- Chrome will try HTTPS upgrades before showing any warning.
- Warnings apply only to public HTTP sites.
- Private sites are excluded, including local IPs and intranet addresses.
- Testing indicates warnings will be limited on repeat visits.
| Milestone | Version | Date | Cohort |
|---|---|---|---|
| Initial rollout | Chrome 147 | April 2026 | Enhanced Safe Browsing users |
| Default enabled | Chrome 154 | October 2026 | All Chrome users |
Background Context
Google reports high HTTPS adoption across Chrome traffic. According to its transparency report, 95-99% of Chrome navigations use HTTPS across platforms. When excluding private sites, public HTTPS usage reaches 97-99% on most platforms.
"Always Use Secure Connections" has been available as an optional setting. The change will turn it on by default for all users, with a bypass option for affected HTTP visits. The rollout targets public web security, and private-site exclusions reflect different risk profiles. Google plans to limit repeat prompts based on testing.
.svg)
.svg)
.svg)