A new Chromium code change spotted in Gerrit adds a hidden, experimental flag called “Suspicious Site Warnings” to Chrome’s Safe Browsing system. The change (CL 7857137), submitted by Google engineer Awad Osman and merged into Chromium’s main branch in May 2026, introduces a new kSuspiciousSiteWarnings feature that is disabled by default.
Once enabled, the flag would let Chrome display a warning when Google’s Safe Browsing service determines a site is suspicious, even if it hasn’t been confirmed as outright malicious or phishing. The flag’s internal description reads simply: “Enables warnings on sites that Safe Browsing deem to be suspicious.”
The change touches several files tied to Chrome’s flags system and Safe Browsing metrics, including flag_descriptions.h, about_flags.cc, and the component’s feature list. It’s currently scoped to desktop platforms, meaning Windows, Mac, Linux, and ChromeOS, with no indication yet that it’s headed to Android or iOS.
Safe Browsing already warns users about known phishing and malware sites. This new flag suggests Google is testing a broader, lower-confidence tier of warnings, surfacing sites that look risky based on signals and heuristics, rather than confirmed threat-list matches. That could mean more warnings overall, including for newly registered or unusual-looking sites that haven’t been formally blacklisted yet.
For now, the flag isn’t visible in any public build, and there’s no test version available for users to try via chrome://flags. As with any flag spotted in Chromium’s source code, this is an early, experimental signal rather than a confirmed feature. Google frequently tests changes this way and ships them later, modifies them substantially, or abandons them entirely before they ever reach a stable Chrome release.
Chrome Story will keep an eye on this flag as it moves through Chromium’s development channels and update this post if it surfaces in Canary or Dev builds.
Leave a Reply