ProHoster > Блог > labaran intanet > Chrome 104 saki

Chrome 104 saki

Google ya bayyana sakin mai binciken gidan yanar gizo na Chrome 104. A lokaci guda kuma, ana samun tabbataccen sakin aikin Chromium kyauta, wanda ke zama tushen Chrome. Mai binciken Chrome ya banbanta da Chromium wajen amfani da tambarin Google, kasancewar tsarin aika sanarwa idan ya faru, tsarin wasa don kunna abun ciki na bidiyo mai kariya (DRM), tsarin shigar da sabuntawa ta atomatik, yana ba da damar keɓancewar Sandbox ta dindindin. , ba da maɓallan Google API da watsa RLZ- lokacin bincika sigogi. Ga waɗanda ke buƙatar ƙarin lokaci don sabuntawa, reshen Ƙarfafa Stable yana da tallafi daban, sannan makonni 8 ya biyo baya. An shirya sakin Chrome 105 na gaba don 30 ga Agusta.

Canje-canje masu mahimmanci a cikin Chrome 104:

  • An gabatar da iyakacin rayuwar kuki - duk sabbin kukis ko sabunta za a share su ta atomatik bayan kwanaki 400 na wanzuwa, koda kuwa lokacin ƙarewar da aka saita ta cikin Ƙarfafawa da halayen Matsakaicin shekarun ya wuce kwanaki 400 (na irin waɗannan Kukis, za a rage tsawon rayuwa. zuwa kwanaki 400). Kukis ɗin da aka ƙirƙira kafin aiwatar da ƙuntatawa za su riƙe rayuwarsu, ko da ya wuce kwanaki 400, amma za a iyakance idan an sabunta su. Canjin yana nuna sabbin buƙatun da aka lura a cikin daftarin sabon ƙayyadaddun bayanai.
  • An kunna toshe URLs na iframe da ke magana da tsarin fayil na gida ("filesystem://").
  • Don hanzarta lodin shafi, an ƙara sabon haɓakawa wanda ke tabbatar da cewa an kafa haɗin kai ga mai masaukin baki a lokacin da ka danna hanyar haɗi, ba tare da jiran ka saki maɓallin ba ko cire yatsanka daga allon taɓawa.
  • Saitunan da aka ƙara don sarrafa API ɗin "Tusoyin & Ƙungiya Masu Sha'awa", waɗanda aka haɓaka a matsayin wani ɓangare na yunƙurin Sirri na Sandbox, wanda ke ba ku damar ayyana nau'ikan abubuwan buƙatun mai amfani da amfani da su maimakon bin Kukis don gano ƙungiyoyin masu amfani da irin wannan bukatu ba tare da gano masu amfani da kowane ɗayan ba. . Bugu da ƙari, maganganun bayanai waɗanda aka nuna sau ɗaya an ƙara su, suna bayyana wa mai amfani da ainihin fasaha da kuma ba da damar kunna goyon bayanta a cikin saitunan.
  • Ƙarfafa ƙofofin don iyakance kira zuwa saitaTimeout da saita masu ƙidayar lokaci suna gudana tare da tazarar ƙasa da 4ms ("setTimeout(..., <4ms)"). An ƙara jimlar iyakar irin waɗannan kiran daga 5 zuwa 100, wanda ke ba da damar ba za a iya yanke kiran mutum da ƙarfi ba, amma a lokaci guda hana cin zarafi wanda zai iya shafar aikin mai binciken.
  • An kunna shi yana aika buƙatun tabbaci na CORS (Cross-Origin Resource Sharing) zuwa babban uwar garken rukunin yanar gizon tare da taken "Access-Control-Request-Private-Network: gaskiya" lokacin da shafi ya shiga wani yanki na cibiyar sadarwa na ciki (192.168.xx) , 10. xxx, 172.16-31.xx) ko zuwa localhost (127.xxx). Lokacin tabbatar da aiki don amsa wannan buƙatar, uwar garken dole ne ta dawo da taken "Access-Control-Allow-Private-Network: gaskiya". A cikin sigar Chrome 104, sakamakon tabbatarwa bai riga ya shafi aiwatar da buƙatun ba - idan babu tabbaci, ana nuna gargadi a cikin na'ura mai ba da hanya tsakanin hanyoyin sadarwa, amma ba a toshe buƙatar tushen tushen kanta. Ba a sa ran toshe rashin yarda ba har sai Chrome 107. Don ba da damar toshewa a cikin abubuwan da aka fitar a baya, zaku iya kunna saitin "chrome://flags/#private-network-access-respect-preflight-results".

    An gabatar da tabbatar da ikon uwar garken don ƙarfafa kariya daga hare-hare masu alaƙa da samun damar albarkatu akan hanyar sadarwar gida ko a kan kwamfutar mai amfani (localhost) daga rubutun da aka ɗora lokacin buɗe wani shafi. Masu kai hari suna amfani da irin waɗannan buƙatun don kai hare-haren CSRF akan masu amfani da hanyoyin sadarwa, wuraren shiga, firintoci, mu'amalar yanar gizo na kamfanoni da sauran na'urori da sabis waɗanda ke karɓar buƙatun kawai daga hanyar sadarwar gida. Don kare kai daga irin waɗannan hare-hare, idan an sami isa ga kowace ƙasan albarkatu akan hanyar sadarwar cikin gida, mai binciken zai aika da takamaiman buƙatu don izini don loda waɗannan ƙananan albarkatun.

  • An ƙara hanyar Ɗaukar Yanki wanda ke ba ku damar datsa abubuwan da ba dole ba daga bidiyon da aka ƙirƙira bisa ga ɗaukar allo. Misali, ta amfani da API na getDisplayMedia, aikace-aikacen gidan yanar gizo na iya watsa bidiyo na abubuwan da ke cikin shafin, kuma Yanki Ɗauka yana ba ku damar yanke wani ɓangare na abubuwan da suka haɗa da sarrafa taron bidiyo.
  • Ƙara goyon baya don sabon tsarin tambayar kafofin watsa labaru da aka ayyana a cikin ƙayyadaddun Matsayi na Tambayoyi na Mai jarida, wanda ke ƙayyade ƙarami da matsakaicin girman wurin da ake iya gani (kallon kallo). Sabuwar tsarin daidaitawa yana ba ku damar amfani da ma'aikatan kwatancen lissafin gama gari da masu aiki masu ma'ana kamar "ba", "ko" da "da". Misali, maimakon “@media (min-nisa: 4px) {… }” yanzu zaku iya saka “@media (nisa>= 400px) {…}”.
  • An ƙara sabbin APIs da yawa zuwa Yanayin Gwaji na Asalin (fasali na gwaji waɗanda ke buƙatar kunnawa daban). Gwajin Asalin yana nuna ikon yin aiki tare da ƙayyadaddun API daga aikace-aikacen da aka zazzage daga localhost ko 127.0.0.1, ko bayan yin rijista da karɓar wata alama ta musamman wacce ke aiki na ƙayyadadden lokaci don takamaiman rukunin yanar gizo.
    • An ƙara mallakar CSS “ƙungiyar mai da hankali” don haɓaka kewayawa ta abubuwa ta amfani da maɓallan kibiya akan madannai.
    • API ɗin Tabbatar da Biyan Kuɗi mai aminci yana ba da damar mai amfani don musaki kantin saitin katin kiredit. Don nuna maganganun da ke ba ka damar ƙin ajiye sigogi na katin kiredit, mai ginawa PaymentRequest() yana ba da tuta “showOptOut: gaskiya”.
    • Ƙara API ɗin Canjin Abubuwan Rabawa, wanda ke ba ku damar tsara sauyi mai sauƙi tsakanin ra'ayoyin abun ciki daban-daban a cikin aikace-aikacen gidan yanar gizo mai shafi ɗaya.
  • An daidaita goyan bayan ƙa'idodin Hasashen, ba da damar marubutan gidan yanar gizon su ba mai binciken bayanai game da yuwuwar shafukan da mai amfani zai iya zuwa. Mai burauzar yana amfani da wannan bayanin don lodawa da sanya abun ciki na shafi a hankali.
  • An daidaita tsarin tattara ƙananan albarkatu cikin fakiti a cikin Tsarin Bundle na Yanar Gizo, yana ba da damar haɓaka haɓakar loda adadi mai yawa na fayilolin da ke rakiyar (Salon CSS, JavaScript, hotuna, iframes). Ba kamar fakitin da ke cikin tsarin Webpack ba, Tsarin Bundle na Yanar Gizo yana da fa'idodi masu zuwa: ba fakitin da kansa ake adana shi a cikin ma'ajin HTTP ba, amma sassansa; hadawa da aiwatar da JavaScript yana farawa ba tare da jiran fakitin da za a sauke gaba daya ba; An yarda ya haɗa da ƙarin albarkatu kamar CSS da hotuna, waɗanda a cikin fakitin gidan yanar gizon dole ne a sanya su ta hanyar sigar JavaScript.
  • Ƙara kayan-duba-akwatin CSS, wanda ke ba ka damar ayyana wani yanki na hoton da za a nuna a wurin maimakon wani abin da aka bayar, wanda za'a iya amfani dashi, misali, don ƙara iyaka ko inuwa.
  • Ƙara API ɗin Ƙarfin Ƙarfin Cikakkun allo, yana ƙyale abin Taga ɗaya ya wakilta zuwa wani abin Taga haƙƙin kiran buƙatunFullscreen().
  • Ƙara Cikakkun Window Abokin allo API, yana barin abun ciki na cikakken allo da buguwa a sanya su akan wani allo bayan an sami tabbaci daga mai amfani.
  • An ƙara sifa-akwatin gani zuwa kayan CSS-cike-clip-margin, wanda ke ƙayyade inda za a fara datsa abun ciki wanda ya wuce iyakar yankin (yana iya ɗaukar ƙimar abun ciki-akwatin, kwalin-kwalin da iyaka- akwatin).
  • API ɗin Async Clipboard ya ƙara ikon ayyana keɓancewar tsari don bayanan da aka canjawa wuri ta hanyar allo, ban da rubutu, hotuna, da rubutu tare da alama.
  • WebGL yana ba da goyan baya don ƙididdige wuri mai launi don madaidaicin sa da kuma canzawa lokacin sayo daga rubutu.
  • An dakatar da goyan bayan dandamali na OS X 10.11 da macOS 10.12.
  • U2F (Cryptotoken) API, wanda a baya aka soke kuma aka kashe ta tsohuwa, an daina. API ɗin Tabbatar da Yanar Gizo ya maye gurbin U2F API.
  • An inganta kayan aiki don masu haɓaka gidan yanar gizo. Mai cirewa yanzu yana da ikon sake kunna lamba daga farkon aiki bayan buga wani wuri a cikin jikin aikin. Ƙara goyon baya don haɓaka add-kan don kwamitin rikodi. Taimako don ganin alamun da aka saita a cikin aikace-aikacen gidan yanar gizo ta hanyar kiran aikin.measure() an ƙara zuwa kwamitin binciken aikin. Ingantattun shawarwari don cikawa da sarrafa abubuwan abubuwan JavaScript. Lokacin da ake kammala masu canjin CSS ta atomatik, ana ba da samfoti na ƙimar da ba su da alaƙa da launuka.
    Chrome 104 saki

Baya ga sabbin abubuwa da gyare-gyaren kwaro, sabon sigar yana kawar da lahani 27. Yawancin raunin da aka gano sakamakon gwajin atomatik ta amfani da AddressSanitizer, MemorySanitizer, Control Flow Integrity, LibFuzzer da kayan aikin AFL. Ba a gano wasu matsaloli masu mahimmanci waɗanda za su ba mutum damar ƙetare duk matakan kariya na burauza da aiwatar da lamba akan tsarin a wajen yanayin sandbox. A matsayin wani ɓangare na shirin bayar da ladan kuɗi don gano lahani ga sakin na yanzu, Google ya biya lambobin yabo 22 da suka kai dalar Amurka dubu 84 (kyautar $15000, lambar yabo $10000, lambar yabo $8000 ɗaya, lambar yabo $7000 ɗaya, lambar yabo $5000 guda ɗaya, lambar yabo ta $4000, lambar yabo $3000, lambar yabo $2000, $1000 guda ɗaya. , lambobin yabo $ XNUMX hudu, da kyaututtuka $ XNUMX uku). Har yanzu ba a tantance girman lada daya ba.

source: budenet.ru

Add a comment