Chrome Warns Against Insecure Forms-Although That Doesn't Solve Much

Chrome Warns Against Insecure Forms-Although That Doesn’t Solve Much

Google will warn from its browser if a web form sends data unsecured. Although, that does not solve much in practice for fraud attempts with such forms.


As of Chrome M86, the browser will warn you if you submit a form where the communication is insufficiently secured.

In concrete terms, this is an input form that uses HTTPS but then forwards the data via a channel without HTTPS. So-called mixed forms can intercept data.

Google will also prevent automatic completion in such forms and warn that it is an insecure web form.

Better security is generally commendable. But in practice, it does not solve the bigger problem with web forms, and then specifically web forms from Google. These are often used by scammers posing as a well-known brand to collect data from victims.

For example, Data News discovered a counterfeit page of Ikea Belgium on Facebook last Friday, which allegedly gave away gift vouchers. Whoever clicked through came to a Google web form, secured with HTTPS.

The transmission of the data may well be done safely here, but that makes little difference if the recipient also has malicious intentions.

Leave a Reply