ProHoster > Blog > internet news > Chrome Release 112

Chrome Release 112

Google has unveiled the release of the Chrome 112 web browser. At the same time, a stable release of the free Chromium project, which is the basis of Chrome, is available. The Chrome browser differs from Chromium in the use of Google logos, the presence of a system for sending notifications in case of a crash, modules for playing copy-protected video content (DRM), an automatic update system, the constant inclusion of Sandbox isolation, the supply of keys to the Google API and transmission when searching for RLZ- parameters. For those who need more time to update, the Extended Stable branch is supported separately, followed by 8 weeks. The next release of Chrome 113 is scheduled for May 2th.

Key changes in Chrome 112:

  • The functionality of the Safety check interface has been extended to show a summary of potential security issues such as compromised passwords, Safe Browsing status, uninstalled updates, and detection of malicious add-ons. The new version implements automatic revocation of previously granted permissions for sites that have not been used for a long time, and also adds options to disable automatic revocation and return revoked permissions.
  • Sites are not allowed to set the document.domain property to apply same-origin conditions to resources loaded from different subdomains. If you need to establish a communication channel between subdomains, use the postMessage() function or the Channel Messaging API.
  • Ended support for running custom web apps Chrome Apps on Linux, macOS, and Windows platforms. Instead of Chrome Apps, use standalone web applications based on Progressive Web Apps (PWA) technology and standard Web APIs.
  • The built-in CA root certificate store (Chrome Root Store) includes handling of name restrictions for root certificates (for example, a certain root certificate may be allowed to generate certificates only for certain first-level domains). In Chrome 113, it is planned to switch to using the Chrome Root Store and the built-in certificate verification mechanism on Android, Linux and ChromeOS platforms (on Windows and macOS, the switch to the Chrome Root Store was made earlier).
  • For some users, a simplified interface for connecting an account in Chrome has been proposed.
    Chrome Release 112
  • Provided the ability to export and back up to Google Takeout for data used when synchronizing across Chrome instances and of types AUTOFILL, PRIORITY_PREFERENCE, WEB_APP, DEVICE_INFO, TYPED_URL, ARC_PACKAGE, OS_PREFERENCE, OS_PRIORITY_PREFERENCE, and PRINTER.
  • The Web Auth Flow add-on authorization page is now shown in a tab rather than a separate window, allowing you to see the Phishing Protection URL. The new implementation shares a common connection state across all tabs and persists the state across restarts.
    Chrome Release 112
  • Service Workers of browser add-ons allow access to the WebHID API, designed for low-level access to HID devices (Human interface devices, keyboards, mice, gamepads, touchpads) and organization of work without the presence of specific drivers in the system. The change was made to ensure that the Chrome add-ons that previously accessed WebHID from background pages were translated to the third version of the manifest.
  • Support for nested rules has been added to CSS, defined using the "nesting" selector. Nested rules make it possible to reduce the size of the CSS file and get rid of duplicate selectors. .nesting { color: hotpink; > .is { color: rebeccapurple; > .awesome { color: deeppink; } } }
  • An animation-composition CSS property has been added, allowing you to use composite operations to apply multiple animations at the same time that affect the same property.
  • Allow passing a submit button to the FormData constructor, which allows FormData objects to be created with the same data set as when the original form was submitted after the button was clicked.
  • Regular expressions with the "v" flag added support for set operations, string literals, nested classes, and unicode string properties that make it easier to create regular expressions that span specific Unicode characters. For example, the construction "/[\p{Script_Extensions=Greek}&&\p{Letter}]/v" allows you to cover all Greek characters.
  • Updated the algorithm for choosing the initial focus for dialogs created using the element . Input focus is now set on elements associated with keyboard input, rather than directly on the element .
  • WebView has started testing deprecation of the X-Requested-With header.
  • Added experimental (origin trial) support for enabling garbage collectors for WebAssembly.
  • Support for object codes for direct and indirect tail recursion (tail-call) has been added to WebAssembly.
  • Improvements have been made to tools for web developers. Added support for nested CSS. The reduced contrast emulation mode has been added to the Rendering tab, which allows you to evaluate how people with reduced contrast sensitivity see the site. The web console now highlights messages related to conditional breakpoints and logpoints. Tooltips with a brief description of the purpose of CSS properties have been added to the panel for working with styles.
    Chrome Release 112

In addition to innovations and bug fixes, 16 vulnerabilities have been fixed in the new version. Many of the vulnerabilities were identified as a result of automated testing tools AddressSanitizer, MemorySanitizer, Control Flow Integrity, LibFuzzer and AFL. No critical issues that allow bypassing all browser protection levels and executing code in the system outside the sandbox environment have been identified. As part of the program for the payment of cash rewards for the discovery of vulnerabilities for the current release, Google paid 14 awards in the amount of 26.5 thousand US dollars (three awards of $5000 and $1000, two awards of $2000 and one award of $1000 and $500). The amount of 4 rewards has not yet been determined.

Source: opennet.ru

Add a comment