'Google wants to block some file downloads carried out via HTTP on
websites that use HTTPS. The plan is to block EXE, DMG, CRX, ZIP,
GZIP, BZIP, TAR, RAR, and 7Z file downloads when the download is
initiated via HTTP but the website URL shows HTTPS.
Google said it's currently not thinking of blocking all downloads
started from HTTP sites, since the browser already warns users about a
site's poor security via the "Not Secure" indicator in the URL bar.
The idea is to block insecure downloads on sites that appear to be
secure (loaded via HTTPS) but where the downloads take place via plain
-- source: https://tech.slashdot.org/story/19/04/10/1758206
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174