Microsoft is bringing Automatic HTTPS capabilities to its Edge browser starting with version 92, which is available now in preview.
“Starting with Microsoft Edge 92, users can preview the Automatic HTTPS feature, which automatically switch[es] your connections to websites from HTTP to HTTPS,” the Microsoft Edge Team writes in a new post. “When sites are loaded over HTTP, attackers can view or change page content in transit, or redirect you to a different location than you had expected. Most websites now support HTTPS, which can help protect against these man-in-the-middle attacks. However, too many of these sites aren’t configured to require HTTPS, leaving open a short window of opportunity for attackers before the site can redirect to the more secure protocol.”
Today, some more technical users install a browser plug-in to force web traffic over the more secure HTTPS, which encrypts traffic. But starting with Edge 92, users of Microsoft’s web browser will no longer need an extension. Given its functionality, I assume this feature will be more positively met than some of the more superfluous additions that Microsoft has made recently to Edge.
If you’re interested in testing Automatic HTTPS in Edge, you can install a Canary of Dev build of the product today. If the feature isn’t automatically available—Microsoft, sadly, is testing it with “select users” right now, so A/B testing—you can enable it manually by navigating to edge://flags/#edge-automatic-https and enabling this feature, rebooting the browser, and then visiting edge://settings/privacy and turning on the option “Automatically switch to more secure connections with Automatic HTTPS”.