Google web browser tso tawm ... Ib txhij ruaj khov tso tawm qhov project dawb , uas yog lub hauv paus ntawm Chrome. Chrome browser Kev siv Google logos, muaj lub kaw lus xa cov ntawv ceeb toom thaum muaj kev sib tsoo, muaj peev xwm rub tawm Flash module ntawm kev thov, modules rau kev ua si tiv thaiv cov ntsiab lus video (DRM), lub kaw lus rau kev txhim kho qhov hloov tshiab thiab xa tawm thaum tshawb nrhiav . Qhov kev tso tawm tom ntej ntawm Chrome 85 yog teem rau lub Yim Hli 25th.
:
- txhawb rau TLS 1.0 thiab TLS 1.1 raws tu qauv. Txhawm rau nkag mus rau cov chaw tshaj li kev sib txuas lus ruaj ntseg, tus neeg rau zaub mov yuav tsum muab kev txhawb nqa tsawg kawg yog TLS 1.2, txwv tsis pub browser tam sim no yuav pom qhov yuam kev. Raws li Google, tam sim no kwv yees li 0.5% ntawm nplooj ntawv web downloads txuas ntxiv mus siv cov ntawv tsis tu ncua ntawm TLS. Kev kaw tau ua tiav raws li IETF (Internet Engineering Task Force). Yog vim li cas tsis lees txais TLS 1.0/1.1 yog qhov tsis muaj kev txhawb nqa rau cov ciphers niaj hnub (piv txwv li, ECDHE thiab AEAD) thiab qhov yuav tsum tau los txhawb cov ciphers qub, qhov kev ntseeg tau raug nug nyob rau theem tam sim no ntawm kev txhim kho kev siv thev naus laus zis (piv txwv li. , kev txhawb nqa rau TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA yuav tsum tau, MD5 thiab SHA-1). Qhov chaw tso cai rov qab mus rau TLS 1.0/1.1 yuav khaws cia kom txog thaum Lub Ib Hlis 2021.
- Thaiv muab (tsis muaj encryption) ntawm cov ntaub ntawv ua tau zoo thiab ntxiv cov lus ceeb toom thaum thauj cov ntaub ntawv tsis zoo. Nyob rau hauv lub neej yav tom ntej, nws tau npaj yuav maj mam tso tseg tsis txhawb cov ntaub ntawv uploading yam tsis muaj encryption. Kev thaiv yog siv vim tias rub tawm cov ntaub ntawv tsis muaj encryption tuaj yeem siv los ua qhov phem los ntawm kev hloov cov ntsiab lus thaum MITM tawm tsam.
- kev txhawb nqa thawj zaug , tsim los ua lwm txoj hauv kev rau Tus Neeg Siv-Agent header. Lub Client Hints mechanism muaj ib tug series ntawm "Sec-CH-UA-*" headers raws li ib tug hloov rau User-Agent, uas tso cai rau koj los npaj xaiv xa cov ntaub ntawv hais txog tej browser thiab system tsis (version, platform, thiab lwm yam) xwb. tom qab kev thov los ntawm server. Tus neeg siv tau txais lub sijhawm los txiav txim siab seb qhov twg yog qhov tsim nyog rau kev xa khoom thiab xaiv muab cov ntaub ntawv zoo li no rau cov tswv tsev. Thaum siv Client Hints, tus cim tsis raug xa mus los ntawm lub neej ntawd yam tsis muaj kev thov meej, uas ua rau kev txheeb xyuas tsis raug (los ntawm lub neej ntawd, tsuas yog lub npe browser qhia). rau mus txog rau xyoo tom ntej.
- kev ua kom tau zoo
nruj dua Hloov cov ncuav qab zib ntawm qhov chaw, uas yog vim COVID-19. Rau cov kev thov uas tsis yog HTTPS, kev ua cov ncuav qab zib thib peb tau teeb tsa thaum nkag mus rau lwm qhov chaw uas tsis yog lub npe ntawm nplooj ntawv tam sim no raug txwv. Cov ncuav qab zib zoo li no yog siv los taug qab cov neeg siv kev txav mus los ntawm cov chaw hauv cov cai ntawm kev tshaj tawm xov xwm, social network widgets thiab web analytics systems.Nco qab tias txhawm rau tswj kev sib kis ntawm Cov Ncuav Qab Zib, SameSite tus cwj pwm tau teev tseg hauv Set-Cookie header yog siv, uas los ntawm lub neej ntawd yuav raug teeb tsa rau tus nqi "SameSite = Lax", uas txwv tsis pub xa cov ncuav qab zib rau cov ntawv thov hla ntawm qhov chaw. , xws li daim duab thov lossis thauj cov ntsiab lus ntawm iframe los ntawm lwm qhov chaw. Cov chaw tuaj yeem cuam tshuam qhov kev coj cwj pwm SameSite los ntawm kev teeb tsa lub ncuav qab zib rau SameSite = Tsis muaj. Ntxiv mus, tus nqi SameSite = Tsis muaj rau ncuav qab zib tsuas yog tuaj yeem teeb tsa hauv hom Kev Nyab Xeeb ( siv tau rau kev sib txuas ntawm HTTPS). Qhov kev hloov pauv yuav raug dov tawm hauv cov theem, pib nrog ib feem me me ntawm cov neeg siv thiab tom qab ntawd maj mam nthuav nws mus txog.
- Kev sim ua ntxiv ntxiv , uas tuaj yeem siv tau siv "chrome://flags/#enable-heavy-ad-intervention" chaw. Tus blocker tso cai rau koj tuaj yeem kaw iframe advertising blocks tom qab kev khiav tsheb thiab CPU load qhov pib dhau. Qhov thaiv yuav tshwm sim yog tias cov xov tseem ceeb tau siv ntau dua 60 vib nas this ntawm CPU lub sijhawm tag nrho lossis 15 vib nas this hauv 30-thib ob lub sijhawm (siv 50% ntawm cov peev txheej rau ntau dua 30 vib nas this), nrog rau thaum ntau dua 4 MB. cov ntaub ntawv tau raug rub tawm hauv lub network.
Kev thaiv yuav tsuas ua haujlwm yog tias, ua ntej qhov kev txwv tsis pub dhau, tus neeg siv tsis cuam tshuam nrog lub chaw tshaj tawm (piv txwv li, tsis tau nyem rau ntawm nws), uas, suav nrog kev txwv tsheb, yuav tso cai rau nws pib-playback ntawm loj. cov yeeb yaj kiab hauv kev tshaj tawm kom raug thaiv yam tsis muaj tus neeg siv qhia meej txog kev ua yeeb yaj kiab. Cov kev ntsuas uas tau hais tseg yuav cawm cov neeg siv los ntawm kev tshaj tawm nrog kev siv tsis tau zoo lossis txhob txwm ua rau cov kab mob parasitic (piv txwv li, mining). Raws li Google txheeb cais, kev tshaj tawm uas ua tau raws li cov txheej txheem thaiv kev ua rau tsuas yog 0.30% ntawm tag nrho cov chaw tshaj tawm, tab sis tib lub sijhawm, cov ntawv tshaj tawm zoo li no siv 28% ntawm CPU cov peev txheej thiab 27% ntawm cov tsheb khiav los ntawm tag nrho cov ntim ntawm kev tshaj tawm.
- Kev ua haujlwm tau ua tiav los txo cov kev siv CPU thaum lub qhov rais browser tsis nyob hauv tus neeg siv qhov kev pom. Chrome tam sim no xyuas seb lub qhov rais browser puas sib tshooj los ntawm lwm qhov rais thiab tiv thaiv kev kos duab pixels hauv thaj chaw sib tshooj. Cov yam ntxwv tshiab yuav raug dov tawm maj mam: kev ua kom zoo dua yuav raug xaiv rau qee tus neeg siv hauv Chrome 84, thiab rau lwm tus hauv Chrome 85.
- Kev tiv thaiv yog qhib los ntawm lub neej ntawd , piv txwv li, spam nrog kev thov kom tau txais cov ntawv ceeb toom thawb. Txij li cov kev thov no cuam tshuam tus neeg siv txoj haujlwm thiab cuam tshuam kev mloog los ntawm kev ua hauv kev lees paub dialogs, tsis yog kev sib tham sib cais hauv qhov chaw nyob bar, cov lus qhia uas tsis xav tau kev txiav txim los ntawm tus neeg siv yuav raug ceeb toom tias qhov kev thov kev tso cai raug txwv. , uas yog cia li minimized rau hauv ib qho kev taw qhia nrog cov duab ntawm ib tug crossed tawm tswb. Los ntawm nias rau ntawm qhov ntsuas, koj tuaj yeem qhib lossis tsis lees txais qhov kev tso cai thov thaum twg los tau yooj yim.
- Tus neeg siv txoj kev xaiv tau nco qab thaum qhib cov neeg tuav haujlwm rau cov txheej txheem sab nraud - tus neeg siv tuaj yeem xaiv "ib txwm tso cai rau lub xaib no" rau tus neeg saib xyuas tshwj xeeb thiab tus browser yuav nco qab qhov kev txiav txim siab ntawm qhov chaw tam sim no.
- Ntxiv kev tiv thaiv tiv thaiv kev hloov cov neeg siv kev teeb tsa yam tsis muaj kev pom zoo meej. Yog hais tias tus add-on hloov lub default search engine los yog nplooj ntawv tso tawm rau ib tug tshiab tab, lub browser tam sim no yuav tso saib ib tug dialog nug koj kom paub meej tias cov hauj lwm teev los yog tshem tawm qhov kev hloov.
- Kev siv ntawm kev tiv thaiv kev thauj khoom sib xyaw ua ke cov ntsiab lus (thaum cov peev txheej tau thauj khoom ntawm HTTPS nplooj ntawv ntawm http:// raws tu qauv). Ntawm nplooj ntawv qhib los ntawm HTTPS, "http://" txuas yuav tam sim no hloov pauv nrog "https://" hauv cov blocks cuam tshuam nrog kev thauj cov duab (scripts thiab iframes tau hloov yav dhau los, nws pib hloov cov khoom siv suab thiab video yuav tsum nyob rau hauv qhov kev tso tawm tom ntej). Yog tias daim duab tsis muaj nyob ntawm https, ces nws qhov kev rub tawm raug thaiv (koj tuaj yeem khij qhov thaiv los ntawm cov ntawv qhia zaub mov nkag tau los ntawm lub cim ntsuas phoo hauv qhov chaw nyob).
- Ntxiv API kev txhawb nqa (tsim raws li SMS Txais API), uas tso cai rau koj los npaj kev nkag ntawm ib lo lus zais ib zaug ntawm nplooj ntawv web tom qab tau txais SMS nrog cov lej lees paub xa mus rau tus neeg siv lub xov tooj Android uas lub browser tab tom khiav. Kev lees paub SMS, piv txwv li, tuaj yeem siv los txheeb xyuas tus lej xov tooj tau teev tseg los ntawm tus neeg siv thaum sau npe. Yog tias yav dhau los tus neeg siv yuav tsum tau qhib daim ntawv thov SMS, luam cov lej los ntawm nws mus rau daim ntawv teev npe, rov qab mus rau qhov browser thiab muab cov lej no, tom qab ntawd API tshiab ua rau nws tuaj yeem ua qhov txheej txheem no thiab txo nws mus rau ib qho kov.
- API nthuav dav
tswj cov playback ntawm web animation. Qhov kev tso tawm tshiab ntxiv kev txhawb nqa rau kev ua haujlwm sib xyaw, tso cai rau koj los tswj cov teebmeem cuam tshuam li cas thiab muab cov neeg ua haujlwm tshiab uas raug hu thaum cov ntsiab lus hloov pauv tshwm sim. Lub Web Animations API tam sim no tseem txhawb nqa Kev cog lus los txhais qhov kev txiav txim uas cov animations tau qhia thiab tswj tau zoo dua li cas cov animations cuam tshuam nrog lwm cov ntawv thov nta. - Ob peb API tshiab tau ntxiv rau Origin Trials hom (kev sim cov yam ntxwv uas yuav tsum tau ua kom cais tawm). Keeb Kwm Kev Txiav Txim hais txog kev muaj peev xwm ua haujlwm nrog API teev tseg los ntawm cov ntawv thov rub tawm los ntawm localhost lossis 127.0.0.1, lossis tom qab sau npe thiab tau txais lub cim tshwj xeeb uas siv tau rau lub sijhawm txwv rau ib qhov chaw tshwj xeeb.
- API rau cov neeg ua haujlwm pabcuam nkag mus rau HTTP Cov Ncuav Qab Zib, ua haujlwm asynchronous rau kev siv document.cookie.
- API txhawm rau txheeb xyuas cov neeg siv tsis ua haujlwm, tso cai rau koj txheeb xyuas lub sijhawm thaum tus neeg siv tsis cuam tshuam nrog cov keyboard / nas, lub vijtsam txuag tau ua haujlwm, lub vijtsam kaw, lossis ua haujlwm ua haujlwm ntawm lwm tus saib. Kev ceeb toom rau daim ntawv thov txog kev tsis ua haujlwm yog ua los ntawm kev xa ntawv ceeb toom tom qab ncav cuag qhov pib tsis ua haujlwm.
- Hom , tso cai rau tus tsim tawm siv ntau dua kev sib cais ntawm cov ntsiab lus ua tiav hauv cov txheej txheem sib cais nyob rau hauv kev sib raug zoo nrog lub hauv paus (keeb kwm - domain + chaw nres nkoj + raws tu qauv), es tsis yog lub xaib, ntawm tus nqi ntawm kev txiav kev them nyiaj yug rau qee yam cuab yeej cuab tam, xws li synchronous ua tiav cov ntawv sau siv document.domain thiab hu rau postMessage() xa cov lus rau WebAssembly.Module piv txwv. Hauv lwm lo lus, Origin Isolation tso cai rau koj los teeb tsa kev sib cais ntawm cov txheej txheem sib txawv raws li cov npe ntawm cov peev txheej, thiab tsis yog lub vev xaib nrog txhua qhov sib txawv ntawm cov nplooj ntawv.
- API siv vector SIMD cov lus qhia hauv cov ntawv thov hauv WebAssembly hom. Txhawm rau kom ntseeg tau tias lub platform muaj kev ywj pheej, nws muaj 128-ntsis hom tshiab uas tuaj yeem sawv cev sib txawv ntawm cov ntaub ntawv ntim khoom, thiab ntau yam kev ua haujlwm vector rau kev ua cov ntaub ntawv ntim. SIMD tso cai rau koj los ua kom cov khoom tsim tau los ntawm kev sib piv cov ntaub ntawv ua haujlwm thiab yuav muaj txiaj ntsig zoo thaum sau cov lej ib txwm nyob rau hauv WebAssembly. Txhawm rau pab txhawb SIMD, koj tuaj yeem siv qhov "chrome://flags/#enable-webassembly-simd" chaw.
- Stabilized thiab tam sim no faib tawm sab nraud ntawm Keeb Kwm Kev sim
API , uas muab cov ntaub ntawv metadata txog cov ntsiab lus uas yav tas los cached los ntawm cov ntawv thov web khiav hauv Progressive Web Apps (PWS) hom. Daim ntawv thov tuaj yeem txuag tau ntau yam ntaub ntawv nyob rau sab browser, suav nrog cov duab, yeeb yaj kiab thiab cov khoom, thiab thaum lub network kev twb kev txuas ploj lawm, siv nws siv Cache Storage thiab IndexedDB APIs. Cov ntsiab lus Indexing API ua rau nws muaj peev xwm ntxiv, nrhiav thiab tshem tawm cov peev txheej zoo li no. Hauv browser, API no twb tau siv los sau cov npe ntawm nplooj ntawv thiab cov ntaub ntawv multimedia muaj rau kev saib offline. - API version stabilized raws li kev cog lus mechanism, uas muab txoj hauv kev ruaj ntseg dua los tswj kev tsis ua haujlwm ntawm nws pib kaw cov ntxaij vab tshaus thiab hloov cov khoom siv rau hom kev txuag hluav taws xob.
- Hauv version rau Android platform kev txhawb nqa rau daim ntawv thov luv, tso cai rau koj los muab kev nkag mus sai rau cov kev ua haujlwm nrov hauv daim ntawv thov. Txhawm rau tsim cov shortcuts, tsuas yog ntxiv cov ntsiab lus rau lub vev xaib daim ntawv thov tshwm sim hauv PWA (Progressive Web Apps) hom ntawv.
- Web Worker raug tso cai siv API , uas tso cai rau koj los txhais tus neeg tuav ntaub ntawv rau kev tsim cov ntawv tshaj tawm, hu ua thaum nkag mus rau cov peev txheej dhau los. Daim ntawv tshaj tawm tsim tawm tuaj yeem khaws cia, xa mus rau lub server, lossis ua tiav los ntawm JavaScript tsab ntawv ntawm tus neeg siv qhov kev txiav txim siab.
- API hloov tshiab , uas tso cai rau koj los txuas tus neeg tuav ntaub ntawv rau cov ntawv ceeb toom txog kev hloov pauv qhov loj ntawm cov ntsiab lus ntawm nplooj ntawv yuav raug xa mus. Peb cov khoom tshiab tau ntxiv rau ResizeObserverEntry: cov ntsiab lusBoxSize, ciam tebBoxSize thiab ntaus ntawvPixelContentBoxSize los muab cov ntaub ntawv nthuav dav ntxiv, rov qab los ua ib qho array ntawm ResizeObserverSize cov khoom.
- Ntxiv lo lus tseem ceeb "Β» txhawm rau rov pib lub caij style rau nws tus nqi qub.
- Tshem tawm cov lus ua ntej rau CSS cov khoom "-webkit-appearance" thiab "-webkit-ruby-txoj hauj lwm", uas tam sim no muaj raws li ""Thiab"".
- Hauv JavaScript kev txhawb nqa rau kev kos npe thiab cov khoom ntawm cov chav kawm raws li kev ntiag tug, tom qab ntawd kev nkag mus rau lawv tsuas yog qhib rau hauv chav kawm (yav dhau los tsuas yog thaj chaw tuaj yeem yog ntiag tug). Txhawm rau kos cov txheej txheem thiab cov khoom ntiag tug: ua ntej lub npe teb muaj "#" kos npe.
- Hauv JavaScript yug (tsis muaj zog siv) rau JavaScript cov khoom uas tso cai rau koj khaws cov ntaub ntawv siv rau cov khoom, tab sis tsis txhob thaiv cov khib nyiab los ntawm kev rho tawm cov khoom cuam tshuam. Kev them nyiaj yug rau finalizers kuj tau ntxiv, ua kom nws muaj peev xwm txhais tau tus neeg tuav ntaub ntawv uas yog hu ua tom qab sau cov khib nyiab ntawm cov khoom teev tiav.
- Kev tshaj tawm cov ntawv thov ntawm WebAssembly tau nrawm dua, ua tsaug rau kev siv nyob rau hauv thawj zaug (baseline) Liftoff compiler ΠΈ . Cov cuab yeej rau kev debugging WebAssembly tau raug txhim kho, kev debugging kev ua tau zoo tau zoo dua thaum siv cov ntsiab lus tawg (yav dhau los, tus neeg txhais lus tau siv rau kev debugging, thiab tam sim no Liftoff compiler).
- Hauv cov cuab yeej rau web developers pphttps://developers.google.com/web/updates/2020/05/devtools lub vaj huam sib luag rau kev soj ntsuam kev ua tau zoo tau hloov kho. Ntxiv cov ntaub ntawv dav dav txog qhov ntsuas (Lub Sijhawm Thaiv Tag Nrho), qhia ntev npaum li cas nplooj ntawv zoo nkaus li muaj, tab sis qhov tseeb tsis muaj (piv txwv li nplooj ntawv twb tau ua tiav lawm, tab sis kev ua tiav ntawm cov xov tseem ceeb tseem raug thaiv thiab cov ntaub ntawv nkag tsis tau). Ntxiv ib seem Kev Paub tshiab rau kev ntsuas ntsuas (Cumulative Layout Shift), qhia txog qhov pom kev ruaj ntseg ntawm cov ntsiab lus. CSS styles soj ntsuam vaj huam sib luag muab saib ua ntej ntawm cov duab teev tseg los ntawm "tom qab-duab" cov cuab yeej.
Ntxiv nrog rau kev tsim kho tshiab thiab kho kab laum, cov tshiab version tshem tawm . Ntau qhov tsis zoo tau raug txheeb xyuas los ntawm kev ntsuas kev siv tshuab nrog cov cuab yeej , , , ΠΈ . Ib qhov teeb meem (CVE-2020-6510, buffer overflow in the fetch background handler) yog cim tias tseem ceeb, i.e. tso cai rau koj hla txhua theem ntawm kev tiv thaiv browser thiab ua tiav cov cai ntawm lub kaw lus sab nraud sandbox ib puag ncig. Raws li ib feem ntawm qhov kev pab cuam them nyiaj ntsuab rau kev tshawb pom qhov tsis zoo rau qhov kev tso tawm tam sim no, Google tau them 26 khoom plig muaj nqis $ 21500 (ob qho khoom plig $ 5000, ob qho khoom plig $ 3000, ib qho khoom plig $ 2000, ob qho khoom plig $ 1000, thiab peb $ 500 khoom plig). Qhov loj ntawm 16 khoom plig tseem tsis tau txiav txim siab.
Tau qhov twg los: opennet.ru