When version 90 of Google's Chrome browser arrives in mid-April, initial website visits will default to a secure HTTPS connection in the event the user has failed to specify a preferred URI scheme.
Lack of security is currently the norm in Chrome. As Google Chrome software engineers Shweta Panditrao and Mustafa Emre Acer explain in a blog post, when a user types "www.example.com" into Chrome's omnibox, without either an "http://" or "https:// prefix," Chrome chooses "http://." The same is true in other browsers like Brave, Edge, Mozilla, and Safari.
This made sense in the past when most websites had not implemented support for HTTPS. It was only chrome https default while firefox injects substitute scripts tracking
