As early as Chrome 115, some users might see HTTP requests automatically upgraded to HTTPs. Any page that can't load via HTTPS is automatically reverted back to HTTP. For standard server configurations, this shouldn't have any visible effect, but it improves your users' security.

Some server configurations might cause issues, for example, if different content is served via HTTP and HTTPS. Users can bypass the automatic upgrading by explicitly navigating to an http:// URL in the Omnibox, or by changing the Insecure Content site setting to enabled, accessible via Page Info and chrome://settings/content. You can control this behavior with the HttpsUpgradesEnabled policy, and allowlist specific sites with the HttpAllowlist policy.

In the long term, you should ensure that your organization's servers support HTTPS and serve the same content on both HTTP and HTTPS. If you don't intend to support HTTPS (for example, on an intranet behind a firewall), servers shouldn't respond to port 443, and firewalls should close the connection rather than leave it hanging. You can test HTTPS upgrading in your environment by enabling chrome://flags#https-upgrades. If you come across any issues, you can report them to us.

Starting in Chrome 115, Chrome automatically enables HTTPS-First Mode based on the user's browsing history. It automatically enables the HTTPS-First Mode interstitial on sites that regularly load over HTTPS. Sites that regularly use plaintext HTTP are unaffected. In practice, this change protects users from downgrade attacks, but is invisible to users.