ProHoster > Blog > internet news > Chrome Release 99

Chrome Release 99

Google has unveiled the release of the Chrome 99 web browser. At the same time, a stable release of the free Chromium project, which is the basis of Chrome, is available. The Chrome browser is distinguished by the use of Google logos, the presence of a system for sending notifications in the event of a crash, modules for playing copy-protected video content (DRM), an automatic update system, and transmission when searching for RLZ parameters. The next release of Chrome 100 is scheduled for March 29th.

Key changes in Chrome 99:

  • Chrome for Android includes a Certificate Transparency mechanism that maintains an independent public log of all issued and revoked certificates. The public log makes it possible to conduct an independent audit of all changes and actions of certification centers, and will allow you to immediately track any attempts to covertly create fake records. Certificates that are not reflected in Certificate Transparency will be automatically rejected by the browser, with an appropriate error displayed. Previously, this mechanism was only enabled for the desktop version and for a small percentage of Android users.
  • Due to the presence of a large number of complaints, the Private Network Access mechanism, previously proposed in test mode, was disabled, which is aimed at strengthening protection against attacks related to accessing resources on the local network or on the user's computer (localhost) from scripts loaded when the site is opened. To protect against such attacks in case of accessing any sub-resources in the internal network, it is proposed to send an explicit request for the authority to download such sub-resources. Google will review the implementation based on feedback received and will offer an improved version in a future release.
  • The ability to remove the default search engines has been returned. Recall that starting from Chrome 97, in the configurator in the "Manage search engines" section (chrome://settings/searchEngines), the ability to remove elements from the list of default search engines (Google, Bing, Yahoo) and edit search engine parameters was discontinued, which dissatisfied with many users.
  • On the Windows platform, the ability to remove self-contained web applications (PWA, Progressive Web App) is provided through the system settings or the control panel, similar to the removal of Windows applications.
  • Final testing is being carried out on the possible violation of the sites after the browser reaches a version consisting of three digits instead of two (at one time after the release of Chrome 10, many problems surfaced in the User-Agent parsing libraries). When the "chrome://flags#force-major-version-to-100" option is activated, version 100 is returned in the User-Agent header.
  • CSS supports cascading layers, which are defined using the @layer rule and imported via the @import CSS rule using the layer() function. CSS rules within a single cascading layer cascade together, making it easier to manage the entire cascade, giving you the flexibility to reorder layers, and allowing you to more explicitly manage CSS files to prevent conflicts. Cascading layers are useful for design themes, defining default element styles, and moving component designs to external libraries.
  • The showPicker() method has been added to the HTMLInputElement class, which allows you to display ready-made dialogs for filling in typical values ​​in the fields with the types "date", "month", "week", "time", "datetime-local", "color" and "file", as well as for fields that support autofill (autofill) and selection from the list (datalist). For example, you can show an interface in the form of a calendar for choosing a date, or a palette for entering a color.
    Chrome Release 99
  • In the Origin Trials mode (experimental features that require separate activation), the ability to enable a dark design mode for web applications has been implemented. The colors and background for the dark theme are selected using the new color_scheme_dark field in the web application manifest file. Origin Trial implies the ability to work with the specified API from applications downloaded from localhost or 127.0.0.1, or after registering and receiving a special token that is valid for a limited time for a specific site.
  • The Handwriting Recognition API has been stabilized and offered to everyone, allowing you to use the handwriting recognition services provided by the operating system.
  • For installed stand-alone web applications (PWA, Progressive Web App), the Window Controls Overlay component has been stabilized, expanding the application's screen area to the entire window, including the title area, on which regular window control buttons (close, minimize, maximize) are superimposed. The web application can control rendering and input processing for the entire window, except for the overlay block with window control buttons.
  • The calc() CSS function allows "infinity", "-infinity", and "NaN" values, or expressions that result in similar values, such as 'calc(1/0)'.
  • The "only" parameter has been added to the color-scheme CSS property, which makes it possible to determine in which color schemes an element can be displayed correctly ("light", "dark", "day mode" and "night mode"), the "only" parameter has been added to prevent forced change color scheme for individual HTML elements. For example, if you specify "div { color-scheme: only light }", then only the light theme will be used for the div element, even if the browser forces a dark theme.
  • Push() and pop() operations can now be used to change the value of the document.adoptedStyleSheets property instead of completely reassigning the property. For example, "document.adoptedStyleSheets.push(newSheet);".
  • Added support for the ContextLost and ContextRestored events, the reset() method, the "willReadFrequently" option, CSS text modifiers, the roundRect rendering primitive, and conical gradients to the implementation of the CanvasRenderingContext2D interface. Improved support for SVG filters.
  • Removed the "-webkit-" prefix from the "text-emphasis", "text-emphasis-color", "text-emphasis-position", and "text-emphasis-style" properties.
  • For pages opened without HTTPS, access to the Battery Status API, which allows you to get information about the battery charge, is prohibited.
  • The navigator.getGamepads() method provides an array of Gamepad objects instead of a GamepadList. GamepadList is no longer supported in Chrome, which is in line with the requirement of the standard and the behavior of the Gecko and Webkit engines.
  • The WebCodecs API has been brought into line with the specification. In particular, the EncodedVideoChunkOutputCallback() method and the VideoFrame() constructor have been changed.
  • In the V8 JavaScript engine, new calendars, collations, hourCycles, numberingSystems, timeZones, textInfo, and weekInfo properties have been added to the Intl.Locale API to display information about supported calendars, time zones, and time and text options. const arabicEgyptLocale = new Intl.Locale('ar-EG') // ar-EG arabicEgyptLocale.calendars // ['gregory', 'coptic', 'islamic', 'islamic-civil', 'islamic-tbla'] arabicEgyptLocale .collations // ['compat', 'emoji', 'eor'] arabicEgyptLocale.hourCycles // ['h12'] arabicEgyptLocale.numberingSystems // ['arab'] arabicEgyptLocale.timeZones // ['Africa/Cairo'] arabicEgyptLocale .textInfo // { direction: 'rtl' } japaneseLocale.textInfo // { direction: 'ltr' } chineseTaiwanLocale.textInfo // { direction: 'ltr' }
  • Added Intl.supportedValuesOf(code) function that returns an array of supported identifiers for the Intl API for calendar, collation, currency, numberingSystem, timeZone, and unit properties. Intl.supportedValuesOf('unit') // ['acre', 'bit', 'byte', 'celsius', 'centimeter', …]
  • Improvements have been made to tools for web developers. In the network panel, the ability to slow down WebSocket requests is provided to debug work in conditions of a slow network connection. A panel has been added to the "Application" tab for tracking reports generated via the Reporting API. The Recorder panel now supports waiting before the element becomes visible or clickable before playing a recorded command. Simplified dark theme emulation. Improved control of panels from touch screens. Added support for escape sequences for highlighting text in the web console, added support for substitution masks %s, %d, %i and %f, improved message filters.
    Chrome Release 99

In addition to innovations and bug fixes, 28 vulnerabilities have been fixed in the new version. Many of the vulnerabilities were identified as a result of automated testing tools AddressSanitizer, MemorySanitizer, Control Flow Integrity, LibFuzzer and AFL. No critical issues that allow bypassing all browser protection levels and executing code in the system outside the sandbox environment have been identified. As part of the Vulnerability Bounty Program for the current release, Google has paid out 21 awards worth $96 (one $15000 award, two $10000 awards, six $7000 awards, two $5000 awards, two $3000 awards, and one $2000 award each). and $1000.

Source: opennet.ru

Add a comment