Chrome Release 74

Google has released the Chrome 74 web browser. A stable release of the free Chromium project, which serves as the basis of Chrome, is available at the same time. The Chrome browser differs in its use of Google logos, the ability to load the Flash module on demand, a system for sending notifications in case of a crash, modules for playing protected video content, an automatic update system, and the transmission of RLZ parameters when searching. The next release, Chrome 75, is scheduled for June 4th.

All changes in Chrome 74:

  • When the onUnload event fires, which happens when the page is closed, displaying pop-up windows is now prohibited (the call to window.open() is blocked), which protects users from the forced opening of advertising pages after closing dubious sites;
  • The JavaScript engine implements a new JIT-less mode (the "--jitless" flag), which makes it possible to execute JavaScript without JIT (only the interpreter is used) and without allocating executable memory during code execution. Disabling JIT can be useful for improving security when working with potentially dangerous web applications, as well as for building on platforms that prohibit the use of JIT (for example, iOS, some Smart TVs and game consoles). Disabling JIT reduces JavaScript execution performance by 40% in the Speedometer 2.0 test and by 80% in the Web Tooling Benchmark, but by only 6% in a simulation of working with YouTube. Memory consumption decreases only slightly, by 1.7%;
  • V8 also brings a large batch of new optimizations. For example, function calls in which the number of arguments actually passed does not match the number of parameters specified in the function definition execute 60% faster. Access to DOM properties through get functions has been sped up, which improved the performance of the Angular framework. JavaScript parsing has been accelerated: optimizing the UTF-8 decoder increased the performance of the parser in streaming mode (parsing as the script is loaded) by 8%, and eliminating unnecessary deduplication operations gave another 10.5%;
  • Work has been done to reduce the memory consumption of the JavaScript engine.
    Code has been added to clear the bytecode cache, which takes up about 15% of the total heap size. A stage has been added to the garbage collector that evicts from the cache the compiled bytecode of rarely used functions and of functions that are called only during initialization. The decision to purge is made based on new counters that record the last time the bytecode was accessed. This change reduced memory consumption by 5-15% without negatively impacting performance. Additionally, the bytecode compiler no longer generates obviously unused code, for example, code that follows return or break (if there is no Jump transition to it);

  • WebAssembly gained support for threads and atomic operations (the WebAssembly Threads and WebAssembly Atomics APIs);
  • Added support for the "#!" header, which names the interpreter to run, for scripts delivered as standalone files. For example, as in other scripting languages, a JavaScript file might look like this:

    #!/usr/bin/env node
    console.log(42);

  • A new media query, "prefers-reduced-motion", has been added to CSS. It lets a site detect the operating-system setting for disabling animated effects. Using this query, a site owner can learn that the user has disabled animated effects and turn off animation features on the site as well, for example, removing the shaking effect of buttons used to attract attention;
  • In addition to the ability to define public fields introduced in Chrome 72, support has been implemented for marking fields as private, after which their values are accessible only inside the class. To mark a field as private, precede the field name with a "#" sign. As with public fields, private fields do not require the explicit use of a constructor.
  • For the Feature-Policy HTTP header, which lets you control the behavior of APIs and the inclusion of certain features (for example, you can enable the synchronous XMLHttpRequest operation mode or disable the Geolocation API), a JavaScript API has been added for controlling the activity of certain features. For developers there are two new objects, document.featurePolicy and frame.featurePolicy, that offer three methods:
    allowedFeatures() to get a list of allowed features for the current domain, allowsFeature() to selectively check whether specific features are enabled, and getAllowlistForFeature() to list domains for which the specified feature is allowed on the current page;

  • Added experimental support ("chrome://flags#enable-text-fragment-anchor") for the Scroll To Text mode, which lets you create links to individual words or phrases without explicitly marking targets in the document with the "a name" tag or the "id" property. For such links a special "#targetText=" parameter is offered, in which you specify the text to jump to. You can specify a mask consisting of phrases that mark the beginning and end of the fragment, separated by a comma (for example, "example.com#targetText=start%20words, end%20words");
  • Added the sampleRate option to the AudioContext constructor, which sets the sampling rate for audio operations through the Web Audio API;
  • Added support for the Intl.Locale class, which provides methods for parsing and processing the language, region and style settings specified by a locale, as well as for reading and writing Unicode extension tags and saving user-defined locale settings in a serialized format;
  • The Signed HTTP Exchanges (SXG) mechanism has been extended with means for informing content distributors about errors in loading signed content, such as certificate verification problems. Error handling is done through extensions to the Network Error Logging API. Recall that SXG allows the owner of one site to use a digital signature to authorize the placement of certain pages on another site, after which, when these pages are accessed on the second site, the browser shows the user the URL of the original site even though the page is loaded from another host;
  • The encodeInto() method has been added to the TextEncoder class; it writes the encoded string directly into a pre-allocated buffer. encodeInto() is a high-performance alternative to the encode() method, which has to allocate a buffer on each call.
  • Service workers now buffer client.postMessage() calls until the document is ready. Messages sent via client.postMessage() are held until the DOMContentLoaded event fires, onmessage is set, or startMessages() is called;
  • As required by the CSS Transitions specification, the transitionrun, transitioncancel, transitionstart and transitionend events have been added; they fire when a CSS transition is queued, canceled, starts, or finishes executing.
  • When an incorrect character encoding is specified for an XMLHttpRequest via overrideMimeType() or the MIME type, the fallback is now UTF-8 instead of Latin-1;
  • The "allow-downloads-without-user-activation" property, through which automatic file downloads could be triggered when processing an iframe, has been declared obsolete and will be removed in one of the next releases. In the future, initiating file downloads without explicit user action will be prohibited, as this has been actively abused to force downloads and plant pieces of malware on the user's computer. Starting a download will require a user click on the same page. The property was originally intended to be removed in Chrome 74, but the removal was postponed until Chrome 76.
  • For the Windows platform, an optional dark theme for the interface has been offered (in the previous release, a dark theme was prepared for macOS). Since the dark theme is almost identical to the design of incognito mode, a special indicator has been added in place of the user profile icon to highlight the private mode of operation;
  • Added the Chrome Browser Cloud Management option for corporate users, for managing users' browser settings through the Google Admin console;
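
The Feature-Policy JavaScript API from the list above can be used to audit which sensitive features a page has enabled and for which origins. The following is an added example, not code from the release notes or from Chrome: the SENSITIVE list, the makeStubPolicy() helper and the example.com-style origins are assumptions made so that the audit runs outside a browser.

```javascript
// Added example. In a Chrome 74+ page, pass document.featurePolicy as
// `policy`; the stub below is constructed so the audit also runs offline.
const SENSITIVE = ['geolocation', 'camera', 'microphone', 'sync-xhr']; // assumed list

// Report every sensitive feature that is enabled for at least one origin.
function auditFeaturePolicy(policy, selfOrigin, sensitive = SENSITIVE) {
  const findings = [];
  for (const feature of sensitive) {
    const allowlist = policy.getAllowlistForFeature(feature);
    if (allowlist.length === 0) continue;          // disabled everywhere
    findings.push({
      feature,
      self: policy.allowsFeature(feature),         // usable by this document?
      anyOrigin: allowlist.includes('*'),          // delegated to every origin
      thirdParty: allowlist.filter(o => o !== '*' && o !== selfOrigin),
    });
  }
  return findings;
}

// Hypothetical stand-in exposing the three methods named in the release notes.
function makeStubPolicy(allowlists, selfOrigin) {
  const list = f => allowlists[f] || [];
  const allows = f => list(f).includes('*') || list(f).includes(selfOrigin);
  return {
    allowedFeatures: () => Object.keys(allowlists).filter(allows),
    allowsFeature: allows,
    getAllowlistForFeature: f => list(f).slice(),
  };
}

// Constructed sample policy for a site at https://shop.example.
const SELF = 'https://shop.example';
const stub = makeStubPolicy({
  geolocation: [SELF, 'https://maps.example'],
  camera: [],
  microphone: ['https://chat.example'],
  'sync-xhr': ['*'],
}, SELF);

for (const f of auditFeaturePolicy(stub, SELF)) {
  const scope = f.anyOrigin ? 'every origin' : f.thirdParty.join(', ') || 'no other origin';
  console.log(`${f.feature}: self=${f.self}, delegated to ${scope}`);
}
```

In a page, the same audit is auditFeaturePolicy(document.featurePolicy, location.origin); a feature that is off for the document itself but present in a third-party allowlist (microphone in the sample) is the case a check based only on allowsFeature() would miss.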
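
The TextEncoder.encodeInto() item above describes writing into a pre-allocated buffer; what it does not show is what happens when the buffer is smaller than the encoded string. The following is an added example, not code from the release notes: encodeChunks() and its sink callback are hypothetical names, and the sample string is constructed.

```javascript
// Added example: encode a string through one reusable buffer.
// `sink` is a hypothetical callback that consumes each filled chunk.
function encodeChunks(text, bufferSize, sink) {
  // A UTF-8 sequence is at most 4 bytes. encodeInto() never writes a partial
  // sequence, so a smaller buffer could make no progress and loop forever.
  if (bufferSize < 4) throw new RangeError('buffer must hold at least 4 bytes');
  const encoder = new TextEncoder();
  const buffer = new Uint8Array(bufferSize);  // allocated once, reused per chunk
  let offset = 0;                              // position in UTF-16 code units
  let total = 0;                               // bytes written so far
  while (offset < text.length) {
    // `read` counts UTF-16 code units consumed, `written` counts bytes stored.
    const { read, written } = encoder.encodeInto(text.slice(offset), buffer);
    sink(buffer.subarray(0, written));         // a view: copy it if retained
    offset += read;
    total += written;
  }
  return total;
}

// Constructed sample mixing 1-, 2- and 4-byte characters.
const SAMPLE = 'héllo 😀 wörld';
const sizes = [];
const bytes = encodeChunks(SAMPLE, 4, chunk => sizes.push(chunk.length));
console.log(bytes, sizes);
```

Each chunk ends on a character boundary, so chunks can be decoded or validated independently; the second chunk is only 3 bytes long because the 4-byte emoji does not fit in the remaining space.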

In addition to innovations and bug fixes, the new version fixes 39 vulnerabilities. Many of the vulnerabilities were identified by the automated testing tools AddressSanitizer, MemorySanitizer, Control Flow Integrity, LibFuzzer and AFL. No critical issues that would allow bypassing all levels of browser protection and executing code on the system outside the sandbox environment have been identified. As part of the vulnerability bounty program for the current release, Google paid 19 bonuses worth $26837 (four $3000 bonuses, four $2000 bonuses, one $1337 bonus, four $1000 bonuses, three $500 bonuses). The amount of 4 rewards has not yet been determined.

Source: opennet.ru