Latest in Gear

Image credit:

Chrome's latest tool checks your website's security

It will help developers get the highly sought green HTTPS lock.

Shares
Share
Tweet
Share
Save

You may never notice Chrome's green lock showing that an HTTPS site is 100 percent secure, but developers pay rapt attention to it. That's because Google prioritizes search results for sites with the strongest security, so a problematic site could find itself on the dreaded second page. The symbol also tells users that they're less likely to be victims of man-in-the-middle and other "content injection" attacks. However, many operators still aren't sure why their sites appear insecure, so Google has unveiled a security panel for DevTools in its latest version 48 of Chrome.

Each time you load a page, it will show the information for each network connection and why some are secure and others aren't. The panel will indicate whether a security certificate is valid and if you're using the proper connection protocol. It also flags the dreaded "mixed content" issue that arises from insecure HTTP subresources. From there, you can drill down to see which resource, exactly, is borking your page's lock.

To use the new panel, developers just need to open up the Chrome 48 dev tools, or click on the URL lock icon and select "details." The new version of Chrome also brings a number of bug fixes and eliminates the old and insecure RC4 encryption scheme. The stable version started rolling out yesterday and should hit most regions soon.

From around the web