ProHoster > Blog > internet news > Chrome Release 106

Chrome Release 106

Google has unveiled the release of the Chrome 106 web browser. At the same time, a stable release of the free Chromium project, which is the basis of Chrome, is available. The Chrome browser differs from Chromium in the use of Google logos, the presence of a system for sending notifications in case of a crash, modules for playing copy-protected video content (DRM), an automatic update system, the constant inclusion of Sandbox isolation, the supply of keys to the Google API and transmission when searching for RLZ- parameters. For those who need more time to update, the Extended Stable branch is supported separately, followed by 8 weeks. The next release of Chrome 107 is scheduled for October 25th.

Key changes in Chrome 106:

  • For users of desktop builds, the Prerender2 engine is enabled by default to pre-render recommendation content in the Omnibox address bar. Proactive rendering complements the previously available ability to load the most likely to click recommendations without waiting for a user click. In addition to loading, the content of pages associated with recommendations can now be buffered (including script execution and DOM tree formation), which allows for immediate display of recommendations after a click .
  • Provides the ability to search history, bookmarks, and tabs directly from the Omnibox address bar. The control tags @history, @bookmarks and @tabs are proposed for search localization. For example, to search in bookmarks, enter "@bookmarks search phrase". To disable search from the address bar, a special option is provided in the search settings.
    Chrome Release 106
    Chrome Release 106
  • Disabled by default is Server Push, which is defined in the HTTP/2 and HTTP/3 standards and allows the server to send resources to the client without waiting for them to be explicitly requested. As the reason for the termination of support, the excessive complication of the implementation of the technology is mentioned in the presence of simpler and no less effective alternatives, such as the tag , HTTP response 103, and WebTransport protocol. According to Google statistics, in 2021, about 1.25% of websites running over HTTP/2 used Server Push, and in 2022 this figure dropped to 0.7%. Server Push technology is also present in the HTTP/3 specification, but in practice, many server and client software products, including the Chrome browser, did not natively implement it.
  • Disabled the ability to use non-ASCII characters in domains specified in the Cookie header (for IDN domains, domains must be specified in punycode format). The change brings the browser in line with the requirements of RFC 6265bis and the behavior implemented in Firefox.
  • Suggested clearer labels to identify screens in multi-monitor configurations. Similar labels can be displayed in permission dialogs for opening a window on an external screen. For example, instead of the external display number ('External Display 1'), the name of the monitor model ('HP Z27n') will now be displayed.
  • Improvements in Android version:
    • The page with the history of visits provides support for the "Journey" mechanism, which summarizes past activity by grouping information about previously performed search queries and viewed pages. When entering keywords in the address bar, if they were previously used in queries, it is proposed to continue the search from the interrupted position.
    • On Android 11 devices, the ability to block a page opened in incognito mode after switching to another application is provided. Authentication is required to continue browsing after being blocked. By default, blocking is disabled and requires activation in the privacy settings.
    • When trying to download files from incognito mode, an additional confirmation request for saving the file and a warning that the downloaded file can be seen by other users of the device, as it will be saved in the download manager area, is provided.
      Chrome Release 106
  • Stopped exposing the chrome.runtime API to all sites. This API is now only provided with browser add-ons connected to it. Previously, chrome.runtime was available to all sites because it was used by the built-in CryptoToken plugin with the now deprecated U2F API implementation.
  • Several new APIs have been added to the Origin Trials mode (experimental features that require separate activation). Origin Trial implies the ability to work with the specified API from applications downloaded from localhost or 127.0.0.1, or after registering and receiving a special token that is valid for a limited time for a specific site.
    • The concept of anonymous iframes, which allow loading a document in a separate context that is not related to other iframes and the main document.
    • Pop-Up API for displaying interface elements on top of other elements, for example, for organizing interactive menus, tooltips, content selection tools, and training systems. To show the element on the topmost layer, a new "popup" attribute is used. Unlike dialogs created using the element The new API allows you to create modeless dialogs, handle events, use animations, and create flexible controls for the popup area.
  • Interpolation support has been implemented for the 'grid-template-columns' and 'grid-template-rows' properties used in CSS Grid to provide a smooth transition between different grid states.
  • Added support for the 'preserve-parent-color' value to the 'forced-color-adjust' CSS property, when set, the 'color' property will borrow its value from the parent element.
  • The "-webkit-hyphenate-character" property has been removed from the "-webkit-" prefix and is now available under the name "hyphenate-character". The specified property can be used to set the string used instead of the end-of-word character ("-").
  • The third edition of the Intl.NumberFormat API has been implemented, which has new functions formatRange(), formatRangeToParts() and selectRange(), grouping of sets, new options for rounding and setting precision, the ability to interpret strings as decimal numbers.
  • Added support for the efficient direct transfer of binary data from the serial port to the ReadableStream API, bypassing internal queues and buffers. Direct enumeration is enabled by setting the BYOB mode - "port.readable.getReader({ mode: 'byob' })".
  • The audio and video APIs (AudioDecoder, AudioEncoder, VideoDecoder, and VideoEncoder) now support the "dequeue" event and its associated callbacks that are triggered when the codec starts executing queued content encoding or decoding tasks.
  • The WebXR Device API provides raw access to camera image textures synchronized with the current position in the virtual environment.
  • Improvements have been made to tools for web developers. The Sources panel now has the ability to group files by source. Improved stack trace for asynchronous operations. Now you can automatically ignore known third-party scripts when debugging. Added the ability to hide ignored files in menus and panels. Improved work with the call stack in the debugger.
    Chrome Release 106

    A new Interactions track has been added to the Performance panel to visualize interaction with the page and identify potential UI responsiveness issues.

    Chrome Release 106

In addition to innovations and bug fixes, 20 vulnerabilities have been fixed in the new version. Many of the vulnerabilities were identified as a result of automated testing tools AddressSanitizer, MemorySanitizer, Control Flow Integrity, LibFuzzer and AFL. No critical issues that allow bypassing all browser protection levels and executing code in the system outside the sandbox environment have been identified. As part of the vulnerability bounty program for the current release, Google has paid out 16 awards worth $38500 (one each of $9000, $7500, $7000, $5000, $4000, $3000, $2000, and $1000). The size of the eight awards has not yet been determined.

Source: opennet.ru

Add a comment