Chrome Release 97

Google has released the Chrome 97 web browser. A stable release of the free Chromium project, which serves as the basis of Chrome, is available at the same time. The Chrome browser differs in its use of Google logos, a system for sending notifications in the event of a crash, modules for playing copy-protected video content (DRM), an automatic update system, and the transmission of RLZ parameters when searching. For those who need more time to update, a separate Extended Stable branch is maintained with an 8-week support period, which receives an update to the previous release, Chrome 96. The next release, Chrome 98, is scheduled for February 1st.

Key changes in Chrome 97:

  • For some users, the configurator uses a new interface for managing data stored on the browser side ("chrome://settings/content/all"). The key difference of the new interface is its focus on setting permissions and clearing all of a site's Cookies at once, without the ability to view detailed information about individual Cookies or to delete Cookies selectively. In Google's opinion, giving an ordinary user who does not understand the intricacies of web development access to the management of individual cookies can lead to unpredictable breakage of sites through inadvertent changes to individual settings, as well as to the accidental disabling of cookie-activated privacy protection mechanisms. For those who need to manipulate individual Cookies, it is recommended to use the storage management section in the web developer tools (Application/Storage/Cookie).
  • In the block with information about the site, a brief description of the site (for example, a description from Wikipedia) is displayed if the search and navigation optimization mode is activated in the settings ("Make searches and browsing better" option).
  • Improved support for automatic filling of fields in web forms. Recommendations with autocomplete options are now displayed with a slight shift and are provided with informational icons for a more convenient preview and visual identification of the connection with the field to be filled. For example, the profile icon makes it clear that the suggested autocomplete affects fields related to address and contact information.
  • Ensured that user profile handlers are removed from memory after the browser windows associated with them are closed. Previously, profiles remained in memory and continued to perform work related to synchronization and execution of background scripts of add-ons, which led to an unreasonable waste of resources on systems that used several profiles at the same time (for example, a guest profile and linking to a Google account). In addition, a more thorough cleaning of the data remaining in the process of working with the profile is provided.
  • Improved search engine settings page ("Settings>Manage search engines"). Disabled automatic activation of engines, information about which is given when opening a site through the OpenSearch script - new engines for processing search queries from the address bar now need to be activated manually in the settings (previously automatically activated engines will continue to work without changes).
  • Starting January 17, the Chrome Web Store catalog will no longer accept add-ons that use the second version of the Chrome manifest, but developers of previously added add-ons will still be able to publish updates.
  • Added experimental support for the WebTransport specification, which defines a protocol and accompanying JavaScript API for sending and receiving data between a browser and a server. The communication channel is organized over HTTP/3 using the QUIC protocol as a transport. WebTransport can be used instead of the WebSockets mechanism, offering additional features such as multi-stream transmission, unidirectional streams, out-of-order delivery, and reliable and unreliable delivery modes. In addition, WebTransport can be used instead of the Server Push mechanism, which Google has deprecated in Chrome.
  • The findLast and findLastIndex methods have been added to the Array and TypedArray JavaScript objects, allowing you to search for elements starting from the end of the array. [1,2,3,4].findLast((el) => el % 2 === 0) // → 4 (last even element)
  • Closed (without the "open" attribute) <details> HTML elements are now searchable and linkable, and expand automatically when using page search and fragment navigation (ScrollToTextFragment).
  • Content Security Policy (CSP) restrictions in server response headers now apply to dedicated workers, which were previously treated as separate documents.
  • An explicit request for the permission to download any sub-resources from the internal network is provided - before accessing the internal network or localhost, a CORS (Cross-Origin Resource Sharing) request is now sent to the server of the main site with the header "Access-Control-Request-Private-Network: true", requiring confirmation of the operation by returning the "Access-Control-Allow-Private-Network: true" header.
  • The font-synthesis CSS property has been added to control whether the browser can synthesize missing font styles (oblique, bold and small-cap) that are not in the selected font family.
  • For CSS transforms, the 'none' parameter is implemented in the perspective() function, which is treated as an infinite value when animating.
  • The Permissions-Policy (Feature Policy) HTTP header, which is used to delegate permissions and enable advanced features, now supports a keyboard-map value that allows the use of the Keyboard API. The Keyboard.getLayoutMap() method has been implemented, which allows you to determine which key is pressed, taking into account different keyboard layouts (for example, a key was pressed in Russian or English layout).
  • The HTMLScriptElement.supports() method has been added, which unifies the detection of new features available in the "script" element; for example, you can find out the list of supported values for the "type" attribute.
  • The process of normalizing newlines when submitting web forms has been brought into line with the Gecko and WebKit browser engines. Normalization of linefeed and carriage return characters (replacing \r and \n with \r\n) in Chrome is now performed at the final stage, and not at the beginning of form submission processing (i.e. intermediate handlers using the FormData object will see the data as added by the user, not in the normalized form).
  • Property names have been standardized for the Client Hints API, which is being developed as a replacement for the User-Agent header and selectively returns data about specific browser and system parameters (version, platform, etc.) only after a request by the server. Properties are now prefixed with "sec-ch-", e.g. sec-ch-dpr, sec-ch-width, sec-ch-viewport-width, sec-ch-device-memory, sec-ch-rtt, sec-ch-downlink and sec-ch-ect.
  • The second phase of deprecation of the WebSQL API has been applied, access to which from third-party scripts will now be blocked. Going forward, we plan to phase out support for WebSQL completely, regardless of the context of use. The WebSQL engine is based on SQLite code and could be used by attackers to exploit vulnerabilities in SQLite.
  • For the Windows platform, an assembly with execution flow integrity checks (CFG, Control Flow Guard) is enabled, blocking attempts to replace code in the Chrome process. In addition, network services running in separate processes are now sandboxed, limiting what code can do in those processes.
  • Chrome for Android includes a mechanism to dynamically update the log of issued and revoked certificates (Certificate Transparency), which was previously enabled in builds for desktop systems.
  • Improvements have been made to tools for web developers. Implemented experimental support for synchronizing DevTools settings between different devices. A new Recorder panel has been added, with which you can record, play back and analyze user actions on the page.

    When displaying errors in the web console, the column numbers associated with the problem are displayed, which is useful for debugging problems in minified JavaScript code. Updated the list of devices that can be simulated to evaluate page rendering on mobile devices. In the interface for editing HTML blocks (Edit as HTML), syntax highlighting and the ability to autocomplete input have been added.
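
The private-network permission check from the list above (the "Access-Control-Request-Private-Network: true" item), as an added example that is not from the original article or from Chrome: a sketch of how the server answering that CORS preflight can confirm the operation only for allowlisted origins. The names handlePreflight and TRUSTED_ORIGINS and the origin https://intranet.example are assumptions made for illustration.

```javascript
// Added example (not Chrome's code): answering a Private Network Access preflight.
// handlePreflight and TRUSTED_ORIGINS are hypothetical names; the origin is a constructed value.
const TRUSTED_ORIGINS = new Set(["https://intranet.example"]);

// `headers` uses lower-cased names, as Node's http module delivers them.
function handlePreflight(method, headers) {
  if (method !== "OPTIONS") {
    return { status: 405, headers: {} };
  }
  const origin = headers["origin"];
  // Missing or unlisted origin: answer without any Access-Control-* header,
  // so the browser fails the CORS check and never sends the real request.
  if (!origin || !TRUSTED_ORIGINS.has(origin)) {
    return { status: 403, headers: {} };
  }
  const reply = {
    "access-control-allow-origin": origin, // echo the allowlisted origin, never "*"
    "access-control-allow-methods": "GET",
    "vary": "Origin",
  };
  // Confirm private-network access only when the browser asked for it.
  if (headers["access-control-request-private-network"] === "true") {
    reply["access-control-allow-private-network"] = "true";
  }
  return { status: 204, headers: reply };
}

// Constructed sample preflights: a trusted page, an untrusted page, a plain CORS preflight.
const samples = [
  { origin: "https://intranet.example", "access-control-request-private-network": "true" },
  { origin: "https://unknown.example", "access-control-request-private-network": "true" },
  { origin: "https://intranet.example" },
];
for (const h of samples) {
  console.log(h.origin, JSON.stringify(handlePreflight("OPTIONS", h)));
}
```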


In addition to innovations and bug fixes, 37 vulnerabilities have been fixed in the new version. Many of the vulnerabilities were identified through automated testing with the AddressSanitizer, MemorySanitizer, Control Flow Integrity, LibFuzzer and AFL tools. One of the vulnerabilities has been rated critical, meaning that it allows bypassing all levels of browser protection and executing code on the system outside the sandbox environment. Details about the critical vulnerability (CVE-2022-0096) have not yet been disclosed; it is only known that it is related to accessing an already freed memory area in the code for working with internal storage (Storage API).

As part of the Vulnerability Bounty program for the current release, Google paid out 24 awards worth $54 thousand (three $10000 awards, two $5000 awards, one $4000 award, three $3000 awards, and one $1000 award). The amount of 14 rewards has not yet been determined.

Source: opennet.ru
