Google is strengthening encryption for data by rolling out the HTTP Strict Transport Security (HSTS) across its domain.
So now on www.google.com, non-secure HTTP URLs will automatically get converted to secure HTTPS URLs. In short, HTTP Strict Transport Security (HSTS) prevents people from accidentally navigating to HTTP URLs. Users might navigate to these HTTP URLs by manually typing a protocol-less or HTTP URL in the address bar, or by following HTTP links from other websites, says Google.
The search giant adds that implementing HSTS is a relatively basic process, but for them it required some extra preparation work that most other domains wouldn’t have needed to do.
For example, we had to address mixed content, bad HREFs, redirects to HTTP, and other issues like updating legacy services which could cause problems for users as they try to access our core domain.
Google will be implementing HSTS and will continue to extend it to more domains and other Google products in the coming months.