Google is prepping an update for the next-generation of Chrome that should, theoretically, stop insecure forms in their tracks. That’s according to a new report from The Next Web.
Now, Google Chrome already warns users if the form they are looking at is not known to be secure. And it already stops even those forms that are — mostly — legitimate from using shady tactics such as hiding information in near-invisible fonts or colors. But it’s going to get a lot better on that front.
As the features currently stand, Chrome only highlights insecure or suspicious forms by removing the “lock” icon from the URL bar. Most users, simply aren’t directing their attention in that general direction when they’re browsing online though. So that can be easy to miss.
With the latest change in place, that’s all going to change — following a long run of security-related Chrome changes from Google.
So what’s new in Chrome to stop potentially malicious forms?
Summarily, Google is now going to throw a full-sized card UI on forms that are suspect. And it’ll do that in between the form being filled out and being sent.
When a user submits a form that could be illegitimate, Chrome will toss up a card to inform them that the information they’re about to send through might not be secure. That’s a similar message seen when users visit suspect websites. In fact, it even has the same workaround for instances where the form might be legitimate anyway. For example, if the form is part of an internal UI.
A bright blue button in the UI has been placed at the lower-right-hand side for users to navigate safely away from the form. Far less prominently, Google also offers a “Send anyway” button.
What is this meant to address and when will it arrive?
The new form feature should do a good job of eliminating the risk presented by forms. Or at least forms with issues that are similar to those being addressed elsewhere in Chrome. So it may not stop every untrustworthy form, even if it does stop a significant number of them.
That’s because it’s based on the same problem meant to be addressed by Google’s recent decision to block some downloads.
If the form is not properly secured via HTTPS, especially where the rest of the page has been, then it will throw the error. Otherwise, the form should function as normal.
It’s not immediately clear when the form-checking feature will appear. But that should be soon as it will reportedly be in the next version of Chrome. That’s Chrome 85, planned for launch in just a week’s time as of this writing.