The aim is to block the browser from reaching the small number of sites that cling to HTTP, closing security risks.