🥇Chrome 91 oo la sii daayay

Google ayaa daaha ka qaaday sii daynta biraawsarka shabakadda Chrome 91. Isla markaana, si xasilloon loo sii daayo mashruuca Chromium ee bilaashka ah, kaas oo u adeega saldhigga Chrome, ayaa diyaar ah. Browser-ka Chrome-ka waxaa lagu kala soocaa isticmaalka calaamadaha Google-ka, joogitaanka nidaamka dirida ogaysiisyada haddii shil dhaco, modules-ka ciyaarta waxyaabaha ka kooban fiidiyowga la ilaaliyo (DRM), nidaam si toos ah loogu rakibo cusbooneysiinta, iyo gudbinta cabbirrada RLZ marka la raadinayo. Siideynta xigta ee Chrome 92 waxaa loo qorsheeyay Luulyo 20-keeda.

Isbeddellada muhiimka ah ee Chrome 91:

Hirgeliyay awoodda lagu joojinayo fulinta JavaScript ee kooxda tab burburtay. Chrome 85 wuxuu soo bandhigay taageerada abaabulka tabs kooxo la xiriirin karo midab iyo calaamad gaar ah. Markaad gujiso calaamada kooxeed, tabsyada laxidhiidha way burburaan oo hal calaamad ayaa hadhi doonta bedelkeeda (gujista calaamada mar kale ayaa furaysa kooxda). Siideynta cusub, si loo dhimo culeyska CPU loona badbaadiyo tamarta, dhaqdhaqaaqa tabsiyada la yareeyay waa la hakiyay. Waxa ka reeban oo keliya loo sameeyay tabs-yada dhawaaqa ciyaara, adeegso Qufulka Shabakadda ama IndexedDB API, ku xidha aaladda USB, ama qabashada muqaal, codka, ama waxa ku jira daaqadda. Isbeddelka si tartiib tartiib ah ayaa loo daabici doonaa, laga bilaabo boqolkiiba yar ee isticmaalayaasha.
Taageerada ay ku jirto habka heshiiska muhiimka ah ee u adkeysanaya awoodda wax-ku-oolka ah ee kombuyuutarrada quantum-ka. Kumbuyuutarrada Quantum-ka ayaa si aad ah ugu dhaqsaha badan xallinta mushkiladda kala-goynta tirada dabiiciga ah ee qodobbada muhiimka ah, kuwaas oo hoosta ka xarriiqaya algorithms-ka asymmetrical-ka casriga ah oo aan si wax ku ool ah loo xallin karin soo-saareyaasha qadiimiga ah. Si loogu isticmaalo TLSv1.3, CECPQ2 (Isku-dhafka Elliptic-Curve iyo Post-Quantum 2) plugin ayaa la bixiyaa, isku darka X25519 caadiga ah habka sarrifka furaha nidaamka HRSS ee ku salaysan NTRU Prime algorithm, oo loogu talagalay nidaamyada crypto-ka dambe ee quantum.
Taageerada borotokoolka TLS 1.0 iyo TLS 1.1, kuwaas oo ay ka dhigeen guddiga IETF (Internet Engineering Task Force), gabi ahaanba waa la joojiyay. Oo ay ku jirto suurtagalnimada soo celinta TLS 1.0/1.1 iyadoo la beddelayo siyaasadda SSLVersionMin waa la saaray.
Shirarka loo yaqaan 'Linux platform' waxaa ka mid ah isticmaalka "DNS over HTTPS" (DoH, DNS over HTTPS), kaas oo markii hore loo keenay isticmaalayaasha Windows, macOS, ChromeOS iyo Android. DNS-over-HTTPS si toos ah ayaa loogu hawlgelin doonaa isticmaalayaasha ay dejishoodu ku qeexan yihiin bixiyeyaasha DNS ee taageera tignoolajiyadan (DNS-over-HTTPS isla bixiyaha ayaa loo isticmaalaa sida DNS). Tusaale ahaan, haddii adeegsaduhu uu leeyahay DNS 8.8.8.8 ee ku qeexan nidaamka nidaamka, markaa adeegga Google-ka ee DNS-over-HTTPS ("https://dns.google.com/dns-query") ayaa laga hawlgelin doonaa Chrome-ka haddii DNS-ka waa 1.1.1.1 , ka dibna adeegga DNS-over-HTTPS ee Cloudflare ("https://cloudflare-dns.com/dns-query"), iwm.
Port 10080, oo loo isticmaalo kaydinta Amanda iyo VMWare vCenter, ayaa lagu daray liiska dekedaha shabakadaha mamnuuca ah. Markii hore, dekedaha 69, 137, 161, 554, 1719, 1720, 1723, 5060, 5061 iyo 6566 waa la xannibay. Dekedaha liiska madow, dirida HTTP, HTTPS iyo FTP codsiyada waa la xannibay si looga ilaaliyo weerarka qulqulka NAT. , kaas oo u ogolaanaya marka la furo bogga internetka ee uu si gaar ah u diyaariyey qofka weerarka ku jira browserka si uu u sameeyo isku xirka shabakada ee server-ka weerarka si uu u sameeyo UDP ama TCP deked kasta oo ku saabsan nidaamka isticmaalaha, inkastoo isticmaalka kala duwan ee ciwaanka gudaha (192.168.x.x, 10). x.x.x).
Waxaa suurtagal ah in la habeeyo soo saarista tooska ah ee codsiyada webka gooni u taagan (PWA - Progressive Web Apps) marka isticmaaluhu uu galo nidaamka (Windows iyo macOS). Autorun waxaa lagu habeeyay chrome://apps bogga. Shaqada hadda waxaa lagu tijaabiyay tiro yar oo isticmaalayaasha ah, inta soo hartayna waxay u baahan tahay in la dhaqaajiyo goobta "chrome://flags/#enable-desktop-pwas-run-on-os-login".
Iyada oo qayb ka ah shaqada si loogu dhaqaajiyo browserka si uu u isticmaalo ereybixin loo dhan yahay, faylka "master_preferences" waxaa loo bedelay "doorbidaxyada hore". Si loo ilaaliyo iswaafajinta, taageerada "master_preferences" waxay ku sii jiri doontaa browserka in muddo ah. Markii hore, browserka ayaa mar hore ka takhalusay isticmaalka erayada "whitelist", "list madow" iyo "hooyo".
Habka Baadhitaanka Badbaadada ah ee La xoojiyey, kaas oo dhaqaajiya hubinno dheeraad ah si looga ilaaliyo phishing, hawlaha xaasidnimada ah iyo hanjabaadaha kale ee Shabkada, waxa ka mid ah awoodda lagu soo diro faylasha la soo dejiyey si looga baadho dhinaca Google. Intaa waxaa dheer, Baadhitaanka Badbaadada ah ee la xoojiyey wuxuu hirgeliyaa xisaabinta calaamadaha ku xidhan koontada Google marka la aqoonsanayo isku dayga phishingka, iyo sidoo kale u dirida qiyamka madaxa ee server-yada Google si loo hubiyo gudbinta goobta xaasidnimada ah.
Daabacaadda aaladda Android, naqshadeynta walxaha qaabka shabakadda ayaa la hagaajiyay, kuwaas oo loo habeeyay isticmaalka shaashadaha taabashada iyo nidaamyada dadka naafada ah (nidaamyada desktop-ka, naqshadeynta ayaa dib loogu cusbooneysiiyay Chrome 83). Ujeedada dib-u-shaqayntu waxay ahayd in la mideeyo naqshadaynta qaabka qaabka iyo baabi'inta is-waafajinta qaabka - hore, xubno ka mid ah qaababka ayaa loo qaabeeyey si waafaqsan nidaamka hawlgalka nidaamka hawlgalka, iyo qaar si waafaqsan qaababka ugu caansan. Sababtaas awgeed, walxo kala duwan ayaa si kala duwan ugu habboon muraayadaha taabashada iyo nidaamyada dadka naafada ah.
Waxaa lagu daray ra'yi adeegsad oo la tusay marka la furayo goobaha Sanduuqa Qarsoonnimada (chrome://settings/privacySandbox).
Markaad ku shaqeyneyso nooca Android ee Chrome-ka kumbuyuutarrada kumbuyuutarka ee leh shaashado waaweyn, codsiga waxaa loo sameeyaa nooca desktop-ka ee goobta, ee maaha daabacaadda aaladaha mobilada. Waxaad bedeli kartaa habdhaqanka adigoo isticmaalaya "chrome://flags/#request-desktop-site-for-tablets"
Koodhka miiska bandhiga ayaa dib loo habeeyey, kaas oo noo ogolaaday in aanu xalinno mashaakilaadka iswaafaq la'aanta habdhaqanka marka aanu muujinayno miisaska Chrome iyo Firefox/Safari.
Nidaaminta shahaadooyinka server-ka ee maamulka shahaado bixinta Isbaanishka Camerfirma waa la joojiyay shilalka soo noqnoqda tan iyo 2017 ee ku lug leh xadgudubyada bixinta shahaadooyinka. Taageerada shahaadooyinka macmiilka waa la hayaa; xannibaadda waxay khusaysaa oo keliya shahaadooyinka lagu isticmaalo bogagga HTTPS.
Waxaan sii wadeynaa hirgelinta taageerada kala-qeybsanaanta shabakada si aan uga hortagno hababka dabagalka dhaqdhaqaaqa isticmaalaha ee u dhexeeya goobaha ku salaysan kaydinta aqoonsiga meelaha aan loogu talagalin kaydinta joogtada ah ee macluumaadka ("Supercookies"). Sababtoo ah agabka la kaydiyay waxaa lagu kaydiyaa meel magac guud ah, iyadoon loo eegin goobta asalka ah, hal goob ayaa go'aamin karta in goob kale ay soo rarto agabka iyadoo hubinaysa in kheyraadkaasi ku jiro kaydka. Ilaalintu waxay ku salaysan tahay isticmaalka qaybta shabakada (Network Partitioning), nuxurkeedu waa in lagu daro khasnado la wadaago oo dheeraad ah oo ku xiran diiwaanka goobta laga furay bogga ugu muhiimsan, kaas oo xaddidaya caymiska kaydinta qoraallada dabagalka dhaqdhaqaaqa oo kaliya ilaa goobta hadda (qoraalka iframe ma awoodi doono inuu hubiyo in kheyraadka laga soo dejiyey goob kale iyo in kale).
Qiimaha qaybintu waa hoos u dhac ku yimi wax ku oolnimada kaydinta, taasoo horseedaysa koror yar oo wakhtiga xajinta bogga (ugu badnaan 1.32%, laakiin 80% ee goobaha 0.09-0.75%). Si aad u tijaabiso qaabka kala qaybinta, waxaad ku wadi kartaa browserka ikhtiyaarka "-enable-features=PartitionConnectionsByNetworkIsolationKey, PartitionExpectCTStateByNetworkIsolationKey, PartitionHttpServerPropertiesByNetworkIsolationKey, PartitionNelAndReportingByNetworkHostIsolationKeysQaybtaCaafimaadkaByNetworkIsolationKey Furaha".
Kudaray dibadda REST API VersionTaariikhda (https://versionhistory.googleapis.com/v1/chrome), kaas oo aad ka heli karto macluumaadka ku saabsan noocyada Chrome-ka ee la xidhiidha aaladaha iyo laamaha, iyo sidoo kale taariikhda cusboonaysiinta browserka.
Iframes laga soo raray domains aan ka ahayn bogga bogga saldhigga, bandhiga digniinta wada-hadallada JavaScript (), xaqiiji () iyo degdeg () waa mamnuuc, taas oo ka ilaalin doonta isticmaalayaasha isku dayada qoraalka dhinac saddexaad si ay u muujiyaan farriimaha hoos yimaada iska dhig in ogeysiiska ay soo bandhigtay goobta ugu weyn.
WebAssembly SIMD API waa la dejiyay waxaana loo soo bandhigay si caadi ah si loogu isticmaalo tilmaamaha SIMD vector ee codsiyada qaabaysan WebAssembly. Si loo hubiyo madax-bannaanida goobta, waxay bixisaa nooc cusub oo 128-bit ah oo matali kara noocyo kala duwan oo xog la soo buuxiyey, iyo dhowr hawlgallo asaasi ah oo vector ah oo lagu farsameeyo xogta la soo buuxiyey. SIMD waxay kuu ogolaanaysaa inaad kordhiso wax soo saarka adoo isbarbar dhigaya habaynta xogta waxayna noqon doontaa mid faa'iido leh markaad ururinayso koodka asalka ah WebAssembly.
Dhowr API oo cusub ayaa lagu daray qaabka Tijaabooyinka asalka ah (sifado tijaabo ah oo u baahan hawlgelin gaar ah). Tijaabada asalka ah waxay tusinaysaa awoodda lagula shaqaynayo API-ga la cayimay ee codsiyada laga soo dejiyey localhost ama 127.0.0.1, ama ka dib marka la diiwaan geliyo oo la helo calaamad gaar ah oo shaqaynaysa wakhti xaddidan goob gaar ah.
- WebTransport waa borotokool iyo la socota JavaScript API si loo diro loona helo xogta u dhaxaysa browserka iyo serverka. Kanaalka isgaadhsiinta waxaa lagu habeeyay dusha HTTP/3 iyadoo la isticmaalayo qawaaniinta QUIC gaadiid ahaan, taas oo, iyaduna, ku darsanaysa hab-maamuuska UDP ee taageera isku dhufashada isku xidhka badan oo bixiya habab sir ah oo u dhigma TLS/SSL.
  WebTransport waxaa loo isticmaali karaa halkii WebSockets iyo RTCDataChannel hababka, oo bixiya sifooyin dheeraad ah sida gudbinta qulqulka badan, durdurrada aan jihada lahayn, bixinta amarka ka baxsan, hababka gaarsiinta la isku halleyn karo oo aan la isku halleyn karin. Intaa waxaa dheer, WebTransport waxaa loo isticmaali karaa halkii laga isticmaali lahaa habka Server Push, kaas oo Google uu kaga tagay Chrome.
- Isku xirka caddaynta ee qeexaya isku xirka codsiyada webka keligiis ah (PWAs), karti u leh iyada oo la adeegsanayo cabbirka qabashada_links ee muujinta codsiga webka oo u oggolaanaya goobaha inay si toos ah u furaan daaqad cusub PWA marka xiriiriyaha codsiga la gujiyo ama u beddelo qaab hal daaqad ah, la mid ah codsiyada mobilada.
- Waxaa lagu daray WebXR Plane Detection API, kaas oo bixiya macluumaadka ku saabsan meelaha qorshaysan ee jawi 3D ah. API-ga la cayimay waxa uu suurtogal ka dhigayaa in laga fogaado habbaynta kheyraadka-degdegga ah ee xogta laga helo wicitaanka MediaDevices.getUserMedia(), iyada oo la adeegsanayo hirgelinta lahaanshaha ee algorithms-ka aragga kombiyuutarka. Aan ku xasuusino in WebXR API uu kuu ogolaanayaa inaad ku midayso shaqada fasallo kala duwan oo ah aaladaha dhabta ah ee dhabta ah, laga bilaabo koofiyadaha 3D ee taagan ilaa xalalka ku saleysan aaladaha mobilada.
Taageerada la shaqaynta WebSockets ee HTTP/2 (RFC 8441) ayaa la hirgaliyay, taas oo ansax ah kaliya codsiyada aaminka ah ee WebSockets iyo joogitaanka xiriir hore oo HTTP/2 ah oo la sameeyay server-ka, kaas oo ku dhawaaqay taageerada "WebSockets over" HTTP/2" kordhinta
Xadka saxnaanta qiyamka saacada ee ay soo saartay wacitaanka waxqabadka Tusaale ahaan, nidaamyada desktop-ka, saxnaanta marka lagu shaqeynayo xaalado aan go'doon ahayn ayaa laga yareeyay 5 ilaa 100 microsecond.
Dhismaha Desktop-ka hadda waxaa ka mid ah awoodda lagu akhriyo faylalka sabuuradda (qorista faylalka sabuuradda wali waa mamnuuc). async function onPaste (e) { u daa faylka = e.clipboardData.files[0]; ha ku jiraan = sugi file.text (); }
CSS waxa ay fulisaa xeerka @counter-style, kaas oo kuu ogolaanaya in aad qeexdo qaabkaaga xisaabaadka iyo sumadaha liisaska lambaraysan.
Fasalada been abuurka ah ee CSS ": host ()"iyo":host-context()" waxay ku dareen awooda gudbinta hal qiyam ee xulayaasha isku dhafka ah () marka lagu daro liisaska xulayaasha ().
Isku-xidhka GravitySensor ee lagu daray si loo go'aamiyo xogta mugga (saddex faasas oo isku-dubbarid) oo laga helo dareemayaasha cuf-jiidadka.
Nidaamka Galitaanka API wuxuu bixiyaa awooda lagu qeexo talooyinka doorashada magaca faylka iyo hagaha lagu bixiyo wada hadalka abuurista ama furitaanka faylka.
Iframes laga soo raray xayndaabyada kale waa loo oggol yahay inay galaan WebOTP API haddii isticmaaluhu uu bixiyo oggolaanshaha habboon. WebOTP wuxuu kuu ogolaanayaa inaad akhrido koodka xaqiijinta ee hal mar lagu soo diro SMS.
Loo oggol yahay in la wadaago gelitaanka aqoonsiga boggaga ku xidhan iyadoo la adeegsanayo habka DAL (Digital Asset Links), kaas oo u oggolaanaya codsiyada Android in lala xidhiidhiyo goobaha si loo fududeeyo gelitaanka.
Shaqaalaha adeegu waxay ogolaadaan isticmaalka qaybaha JavaScript. Marka la tilmaamayo nooca 'module' marka la wacayo dhiska, qoraalada la cayimay waxaa lagu rari doonaa qaab modules oo diyaar u ah soo dejinta ee macnaha guud ee shaqaalaha. Taageerada module waxay fududaynaysaa in la wadaago koodka boggaga internetka iyo shaqaalaha adeegga.
JavaScript wuxuu bixiyaa awoodda lagu hubinayo jiritaanka meelaha gaarka ah ee shay iyadoo la isticmaalayo "#foo in obj" syntax. fasalka A { imtixaan taagan (obj) {console.log(#foo in obj); } #foo = 0; } A.imtixaan (cusub A()); // run A.imtixaan({}); // been ah
JavaScript sida caadiga ah waxay u ogolaataa isticmaalka ereyga sugitaanka ee cutubyada heerka ugu sarreeya, taas oo u oggolaanaysa wicitaannada asynchronous in si habsami leh loogu dhex daro habka loading moduleka oo ka fogaanaya in lagu duubo "shaqada async". Tusaale ahaan, halkii (async function () {sugi Promise.resolve(console.log('tijaabada'));}()); hadda waxaad qori kartaa sug Promise.resolve(console.log('tijaabada'));
Matoorka V8 JavaScript waxa uu hagaajiyay hufnaanta template caching, kaas oo kordhiyey xawaaraha gudbinta Speedometer4.5-FlightJS 2%.
Qayb weyn oo ka mid ah hagaajinta ayaa lagu sameeyay qalabka loogu talagalay horumarinta shabakadaha. Qaab cusub oo kormeeraha xusuusta ah ayaa lagu daray, isagoo siinaya qalab lagu baadho xogta ArrayBuffer iyo xusuusta Wasm.
Tilmaamaha waxqabadka oo kooban ayaa lagu daray guddiga Waxqabadka, taasoo kuu ogolaanaysa inaad qiimeyso in goobtu u baahan tahay hagaajin iyo in kale.

Horu-u-eegidda sawirka ee guddiga Elements iyo guddiga falanqaynta shabakada waxay bixiyaan macluumaadka ku saabsan saamiga dhinaca sawirka, xulashada samaynta, iyo cabbirka faylka.

Guddiga kormeerka shabakadda, hadda waa suurtagal in la beddelo qiyamka la aqbalay ee madaxa-Encoding Content-ka.

Qaabka qaabka, hadda waxaad si dhakhso ah u arki kartaa qiimaha la xisaabiyay markaad dhex marayso cabbirrada CSS adiga oo dooranaya "Eeg qiimaha la xisaabiyey" ee macnaha guud.

Marka lagu daro hal-abuurnimada iyo hagaajinta cayayaanka, nooca cusubi wuxuu meesha ka saarayaa 32 dayacan. Qaar badan oo ka mid ah baylahda ayaa lagu aqoonsaday natiijada baaritaanka tooska ah iyadoo la adeegsanayo AddressSanitizer, MemorySanitizer, Control Flow Integrity, LibFuzzer iyo AFL. Ma jiraan dhibaatooyin halis ah oo la aqoonsaday kuwaas oo u oggolaanaya mid ka gudbi kara dhammaan heerarka ilaalinta browserka oo uu ku fuliyo koodka nidaamka ka baxsan deegaanka sandbox. Iyada oo qayb ka ah barnaamijka lagu bixiyo abaal-marin lacageed oo lagu ogaanayo baylahda sii-deynta hadda, Google waxay bixisay 21 abaal-marin oo qiimahoodu yahay $92000 (hal abaalmarin $20000 ah, hal abaalmarin $15000, abaalmarin $7500, saddex $5000 abaal-marin ah, saddex $3000 abaal-marin, laba abaal-marineed $1000). $500). Baaxadda 5-ta abaal-marin weli lama go'aamin.

Source: opennet.ru

Chrome sii daynta 91

Add a comment cancel reply