With Chrome 55 rolled out to Android and desktops, version 56 is now entering the beta channel. As announced in September, HTTP sites that handle sensitive information will now be marked as ‘Not Secure’ as part of a broader plan. Other additions include Web Bluetooth support and some new APIs that add functionality to mobile sites.
With more than half of Chrome desktop pages already served over HTTPS, Google wants to label all HTTP sites as insecure due to the possibility that third-parties could look at or modify a site before it gets to the end-user.
Starting in version 56, Chrome will mark HTTP pages that collect passwords or credit cards as ‘Not Secure’ in the address bar. The feature will roll out gradually over the next few weeks, with a wider launch come January.
Historically, regular connections have been marked with the neutral indicator of a gray info icon. At the moment, the label will remain gray, but the final iteration of the transition has all HTTP sites labeled with a red warning triangle and text.
Sites are getting further functionality with the Remote Playback API that allows for the starting and control of media on speakers and Smart TVs. Additionally, version 56 of Chrome allows developers to begin experimenting with the WebVR API to create virtual reality experiences on the web.
The API provides access to user position and orientation to render a stereoscopic 3D scene, with Gamepad API extensions accepting motion controller input, including from Daydream controllers. WebVR will be extended to desktop and Google Cardboard in a future Chrome release, with several performance improvements coming in Chrome 57.
Chrome 56 should arrive on the stable channel in approximately six weeks.