HTTPS is much more secure than an HTTP connection, which sends data in plain text over the internet and which could easily be snooped on or intercepted with a man-in-the-middle attack.

Most websites offer both an HTTP and secure HTTP connection, but unfortunately, many browsers default to the less secure connection if there is any ambiguity.

Increasingly that is changing, however, with Chrome for example defaulting to HTTPS when you type an address in the address bar, and Firefox offering an HTTPS-only mode.

With today’s Edge Dev 92 release that browser now also offers an HTTPS-only mode.

“Automatic HTTPS switches your connections to websites from HTTP to HTTPS on sites that are highly likely to support the more secure protocol,” Microsoft said today.

If a website does not have a secure version, however (increasingly rare) this can result in a failed connection. Microsoft has a solution however, saying:

“The list of HTTPS-capable websites is based on Microsoft’s analysis of the web, and helps enable a more secure connection on hundreds of thousands of top domains.”

The new feature should roll out to mainstream users in a number of weeks.

You can activate the feature now by going to edge://settings/privacy and turning on “Automatically switch to more secure connections with Automatic HTTPS.”

If that setting is now available, enable it by going to edge://flags/#edge-automatic-https, toggling on the ‘Automatic HTTPS‘ experimental flag, and restarting the browser.

via BleepingComputer

Comments