{"id":5236,"date":"2017-10-23T09:34:05","date_gmt":"2017-10-23T13:34:05","guid":{"rendered":"https:\/\/www.thesslstore.com\/blog\/?p=5236"},"modified":"2023-04-10T11:36:25","modified_gmt":"2023-04-10T15:36:25","slug":"google-chrome-62-not-secure-warning","status":"publish","type":"post","link":"https:\/\/www.thesslstore.com\/blog\/google-chrome-62-not-secure-warning\/","title":{"rendered":"Google Chrome 62 is here, the Not Secure warning? Not so much"},"content":{"rendered":"\n

Google’s new insecure forms warning for HTTPS sites is still in testing.<\/h2>\n\n\n\n

Many internet users viewed Chrome 62 as the deadline to install an SSL certificate on your website if you had any forms. After all, Google had advertised its Not Secure warning as arriving in this version on its own security blog. But Chrome 62 is out and the Not Secure warning is no where to be found.<\/p>\n\n\n\n

Buy an SSL\/TLS Certificate<\/a><\/div>\n\n\n\n

So what gives?<\/span><\/p>\n\n\n\n

Google Chrome isn’t a traditional piece of software. Here’s how Eric Lawrence describes it on his blog TextSlashPlain<\/a>:<\/p>\n\n\n\n

\n

What isn\u2019t <\/em>mentioned in the blog post is exactly how this feature will roll out\u2013 many readers naturally assume that it\u2019s as simple as: \u201cIf you have Chrome 62, then this feature is <\/em>present<\/em>.\u201d After all, that\u2019s how software usually works.<\/p>\n\n\n\n

In Chrome, things are more interesting. Where possible, Chrome rolls out new features dynamically using the Field Trials <\/strong>platform. You can think of Field Trials as a set of server-controlled flags that allow Google to change Chrome\u2019s behavior dynamically, at runtime, without shipping a new version.<\/p>\n<\/blockquote>\n\n\n\n

Lawrence goes on to explain the Field Trials are used for two things:<\/p>\n\n\n\n

    \n
  1. Experimentation<\/li>\n\n\n\n
  2. Rollouts<\/li>\n<\/ol>\n\n\n\n

    Google’s Insecure Fields warning is still in field testing<\/h2>\n\n\n\n

    When Google tests a new feature it creates small test groups and compares telemetries against a control group. If the feature performs well, it’s considered for rollout in Chrome stable. Traditionally Chrome performs these tests on its developmental browsers (Canary, Dev & Beta).<\/p>\n\n\n\n

    Where things get tricky is the rollout itself. Even with substantial testing, it’s still possible to miss flaws and bugs. By field testing, it allows Google to roll out to a substantial portion of its users, but still a small percentage of the total. Then Google can calibrate everything in Stable to ensure the rollout goes smoothly before ramping up the percentage for a complete release.<\/p>\n\n\n\n

    If anything goes terribly wrong, the field testing also lets Google tamp things down quickly.<\/p>\n\n\n\n

    As for the Not Secure\/Insecure Forms warning, it will be here soon.<\/p>\n\n\n\n

    \n

    Rest assured that I\u2019m eager to push the new Not Secure<\/strong> warnings to 100% and I expect to get to do so very soon. If you just can\u2019t wait, you can override the field trial and turn it on yourself by changing chrome:\/\/flags\/#mark-non-secure-as and restarting Chrome.<\/p>\n<\/blockquote>\n\n\n<\/span><\/span>","protected":false},"excerpt":{"rendered":"

    Google’s new insecure forms warning for HTTPS sites is still in testing. Many internet users viewed Chrome 62 as the deadline to install an SSL certificate on your website if…<\/p>\n","protected":false},"author":6,"featured_media":5237,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":"","tve_updated_post":"","tve_custom_css":"","tve_user_custom_css":"","tve_globals":{},"tcb2_ready":0,"tcb_editor_enabled":0,"tve_landing_page":"","_tve_header":"","_tve_footer":""},"categories":[17],"tags":[4770,131,155,208],"class_list":["post-5236","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-industry-lowdown","tag-chrome-62","tag-google","tag-google-chrome","tag-not-secure","post-with-tags"],"views":16114,"jetpack_featured_media_url":"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2017\/10\/iStock-483094553.jpg","_links":{"self":[{"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/posts\/5236","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/comments?post=5236"}],"version-history":[{"count":0,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/posts\/5236\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/media\/5237"}],"wp:attachment":[{"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/media?parent=5236"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/categories?post=5236"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/tags?post=5236"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}