To ensure users are aware of the risks of downloads delivered over an insecure connection, Chrome will display a bypassable warning for some downloads delivered over an insecure connection. Which downloads are warned about will depend on whether the user has enabled HTTPS-First Mode and whether the file type has a substantial risk of parsing vulnerabilities that can lead to code execution.