This umbrella bug tracks the work for the HTTPBad Phase 2 feature announced in https://security.googleblog.com/2017/04/next-steps-toward-more-connection.html Googlers can follow along on the design doc: https://goto.google.com/httpbad-phase2
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/a11389c6e5e4f32edae6193405a4bf1f62f11a73 commit a11389c6e5e4f32edae6193405a4bf1f62f11a73 Author: Eric Lawrence <elawrence@chromium.org> Date: Tue Oct 17 14:31:03 2017 Enable HTTPBad Phase 2 by default Change the default configuration of the MarkNonSecureAs to show warnings when the user loads a non-secure page in Incognito mode or edits a form field on a non-secure page. Bug: 721898 Change-Id: I2803f56dbe256d1c56981663f1694efff4c52f1c Reviewed-on: https://chromium-review.googlesource.com/721683 Reviewed-by: Adrienne Porter Felt <felt@chromium.org> Reviewed-by: Robert Kaplow <rkaplow@chromium.org> Commit-Queue: Eric Lawrence <elawrence@chromium.org> Cr-Commit-Position: refs/heads/master@{#509381} [modify] https://crrev.com/a11389c6e5e4f32edae6193405a4bf1f62f11a73/components/security_state/core/security_state.cc [modify] https://crrev.com/a11389c6e5e4f32edae6193405a4bf1f62f11a73/components/security_state/core/security_state_unittest.cc [modify] https://crrev.com/a11389c6e5e4f32edae6193405a4bf1f62f11a73/testing/variations/fieldtrial_testing_config.json [modify] https://crrev.com/a11389c6e5e4f32edae6193405a4bf1f62f11a73/tools/metrics/histograms/enums.xml
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/0cc4f7392263c11692a6d9c18229233d71579816 commit 0cc4f7392263c11692a6d9c18229233d71579816 Author: Eric Lawrence <elawrence@chromium.org> Date: Wed Oct 18 16:32:38 2017 Remove obsolete MarkNonSecureAs modes Now that HTTPBad Phase 2 has been enabled by default, we can now safely drop three of the chrome://flags/#mark-non-secure-as modes used during development and experimentation. This CL removes the unneeded modes. Bug: 721898 Change-Id: Ibe94231ce6573d4bd7b49cef8343225cbd5cdeba Reviewed-on: https://chromium-review.googlesource.com/723585 Reviewed-by: Adrienne Porter Felt <felt@chromium.org> Reviewed-by: Rohit Rao (ping after 24h) <rohitrao@chromium.org> Commit-Queue: Eric Lawrence <elawrence@chromium.org> Cr-Commit-Position: refs/heads/master@{#509790} [modify] https://crrev.com/0cc4f7392263c11692a6d9c18229233d71579816/chrome/browser/about_flags.cc [modify] https://crrev.com/0cc4f7392263c11692a6d9c18229233d71579816/chrome/browser/flag_descriptions.cc [modify] https://crrev.com/0cc4f7392263c11692a6d9c18229233d71579816/chrome/browser/flag_descriptions.h [modify] https://crrev.com/0cc4f7392263c11692a6d9c18229233d71579816/chrome/browser/ssl/security_state_tab_helper_browser_tests.cc [modify] https://crrev.com/0cc4f7392263c11692a6d9c18229233d71579816/components/security_state/core/security_state.cc [modify] https://crrev.com/0cc4f7392263c11692a6d9c18229233d71579816/components/security_state/core/security_state_unittest.cc [modify] https://crrev.com/0cc4f7392263c11692a6d9c18229233d71579816/components/security_state/core/switches.cc [modify] https://crrev.com/0cc4f7392263c11692a6d9c18229233d71579816/components/security_state/core/switches.h [modify] https://crrev.com/0cc4f7392263c11692a6d9c18229233d71579816/ios/chrome/browser/about_flags.mm [modify] https://crrev.com/0cc4f7392263c11692a6d9c18229233d71579816/ios/chrome/browser/ios_chrome_flag_descriptions.cc [modify] https://crrev.com/0cc4f7392263c11692a6d9c18229233d71579816/ios/chrome/browser/ios_chrome_flag_descriptions.h [modify] https://crrev.com/0cc4f7392263c11692a6d9c18229233d71579816/tools/metrics/histograms/enums.xml
Comment 1 by elawrence@chromium.org
, May 18 2017