ProHoster > Ibhulogi > iindaba ze-intanethi > Ukukhutshwa kweChrome 145

Ukukhutshwa kweChrome 145

I-Google ikhuphe inguqulelo ye-145 yesikhangeli sewebhu se-Chrome. Ukukhutshwa okuzinzileyo kweprojekthi yeChromium evulelekileyo, isiseko seChrome, nako kuyafumaneka. I-Chrome yahlukile kwiChromium ekusebenziseni kwayo iilogo zeGoogle, inkqubo yayo yesaziso sokuphahlazeka, iimodyuli zokudlala umxholo wevidiyo okhuselweyo (i-DRM), ukufakwa kohlaziyo oluzenzekelayo, ukwahlulwa kwebhokisi yesanti ehlala ivuliwe, ukunikezelwa kwezitshixo ze-API zeGoogle, kunye nokusetyenziswa kweeparameter ze-RLZ ngexesha lokukhangela. Kwabo bafuna ixesha elingakumbi lokuhlaziya, isebe elahlukileyo le-Extended Stable ligcinwa iiveki ezisibhozo. Ukukhutshwa okulandelayo, i-Chrome 146, kucwangciselwe umhla we-10 kweyoKwindla.

Utshintsho oluphambili kwiChrome 145:

  • Inkxaso eyongeziweyo yefomathi yomfanekiso weJPEG XL, edityaniswe kusetyenziswa ilayibrari ye-jxl-rs kunye nokuphunyezwa kweRust kweJPEG-XL. Inkxaso yeJPEG XL okwangoku ayisebenzi ngokuzenzekelayo kwaye ifuna ukuba useto lwe-"chrome://flags/#enable-jxl-image-format" luvulwe.
  • Siqhubekile nokuphuhlisa imo ye-AI, evumela ukusebenzisana nearhente ye-AI ukusuka kwibha yedilesi okanye kwiphepha elibonisiweyo xa uvula ithebhu entsha. Imo ye-AI ikuvumela ukuba ubuze imibuzo enzima ngolwimi lwendalo kwaye ufumane iimpendulo ezisekelwe ekuhlanganisweni kolwazi oluvela kumaphepha afanelekileyo kwisihloko esithile. Ukuba kuyimfuneko, umsebenzisi unokucacisa ulwazi ngemibuzo ekhokelayo. Imo ikwavumela ukuba ubuze imibuzo malunga nomxholo wephepha ngokuthe ngqo ukusuka kwibha yedilesi. Kwi-Chrome 145, imo ye-AI isetyenziswa kwiinguqulelo zamaqonga Android kunye ne-iOS. Kubasebenzisi baseKhanada, eIndiya, naseNew Zealand, i-Gemini chatbot yenziwe yasebenza ngokuzenzekelayo (xa usebenzisa isiNgesi).
  • Indlela ye-DBSC (Device Bound Session Credentials) yongezwe, ekuvumela ukuba ubophe iseshoni yokuqinisekisa iwebhusayithi kwisixhobo esithile ukuze wenze kube nzima ukuhlaselwa kwezinye iinkqubo usebenzisa ii-cookies zeseshoni ezithintelweyo. Isihloko se-HTTP esithi "Secure-Session-Registration" sicetywayo sokwenza iseshoni ebotshelelwe kwisixhobo. Le ndlela yokukhusela ibandakanya ukubonelela ngee-key ze-cryptographic ezibotshelelwe kwisixhobo sangoku, ezenziwe xa kuqhagamshelwa kwaye zigcinwe kwi-TPM (Trusted Platform Module). Iseshoni isebenzisa ii-cookies ezihlala ixesha elifutshane, ezihlaziywa rhoqo kusetyenziswa isitshixo sabucala kwaye zinokuqinisekiswa kusetyenziswa isitshixo sikawonke-wonke.
    Ukukhutshwa kweChrome 145
  • Isetingi evumela abasebenzisi ukuba bavale ukuvalwa kwee-add-on zesiphequluli ezinyanzelisiweyo ezifunyenwe ziphula imigaqo-nkqubo emincinci yeVenkile yeWebhu yeChrome isusiwe. Ukwaphulwa okuncinci kuquka ubuthathaka obunokubakho, ukutyhala ii-add-on ngaphandle kolwazi lomsebenzisi, ukuguqulwa kwemetadata, ukwaphulwa kwemigaqo-nkqubo yedatha yomsebenzisi, kunye nokusebenza okulahlekisayo.
  • Kwinguqulelo yeqonga Android xa usebenzisa imo yokukhusela ephucukileyo (AAPM, Android (Imo yoKhuseleko oluPhambili) ikhubaza i-WebGPU JavaScript API. Iiwebhusayithi ezisebenzisa iWebGPU ukwenza umxholo we-3D (umz., iiGoogle Maps) zinokusebenzisa ezinye iindlela ezicothayo, ezifana neWebGL (i-5.78% icothayo kwiimvavanyo). Ipropati ye-navigator.gpu ingasetyenziselwa ukubona ukuba iWebGPU ayisebenzi na.
  • Kwinguqulelo ye Android Xa i-Enhanced Safe Browsing ivuliwe, uhlalutyo lwendawo olubonisa inkangeleko yesikhangeli luyasetyenziswa ukuze kufunyanwe iimpawu zobuqhetseba. Ukuba uhlolo lwendawo lubonisa umxholo okrokrelwayo ongathandabuzekiyo, uhlolo olongezelelweyo lwenziwa kwiiseva zikaGoogle, kwaye ukuba luqinisekisiwe, isilumkiso siyaboniswa kumsebenzisi.
  • I-Origin API yongezwe, inika into ye-Origin esebenzisa ingcamango ye-Web Origin kwaye inika iindlela zokuthelekisa, ukulandelelanisa, kunye nokuhlaziya i-Web Origins. Igama elithi "Web Origin" lichazwe kwi-RFC 6454 ukwahlula phakathi kokuhlukaniswa komxholo kunye nemida yokuthembana. I-Web Origin iquka inxenye ye-URL enegama leprotocol, igama lomninimzi, kunye nenombolo yezibuko (umz., https://opennet.ru). Le API intsha yaziswa ukuhlanganisa imisebenzi kunye ne-Web Origins kunye nokususa ubuthathaka obubangelwa kuthelekiso olungalunganga lweempawu ze-ASCII ezilandelelanayo ze-Web Origins xa kumiselwa ukuba izixhobo zisesayithini enye na.
  • Amalungelo okufikelela kwinkqubo yasekuhlaleni xa usebenzisana neendawo zikawonke-wonke ahlukanisiwe. Izicelo ezivela kwindawo ziya Idilesi yam ye-IP Izicelo zenethiwekhi yendawo (idilesi ye-intranet okanye yangaphakathi) kunye ne-loopback interface (127.0.0.0/8) ngoku zicutshungulwa kusetyenziswa iimvume ezahlukeneyo (inethiwekhi yendawo kunye nenethiwekhi ye-loopback), nto leyo efuna umsebenzisi ukuba aqinisekise ukusebenza kwibhokisi yencoko ekhethekileyo. Iinzame zokukhuphela izixhobo, izicelo ze-fetch(), kunye nokufakwa kwe-iframe zigutyungelwe lukhuseleko. Abahlaseli basebenzisa izicelo zezixhobo zangaphakathi ukwenza uhlaselo lwe-CSRF kwii-routers, iindawo zokufikelela, iiprinta, ii-web interfaces zenkampani, kunye nezinye izixhobo kunye neenkonzo ezamkela izicelo ezivela kwinethiwekhi yendawo kuphela. Ngaphezu koko, ukuskena izixhobo zangaphakathi kungasetyenziselwa ukuchonga okungathanga ngqo okanye ukuqokelela ulwazi malunga nenethiwekhi yendawo.
  • Useto lwe-UserAgentReduction, oluvumele i-Untrimmed User-Agent HTTP header kunye neeparameter zeJavaScript navigator.userAgent, navigator.appVersion, kunye ne-navigator.platform ukuba zidluliselwe kwakhona, lususiwe. Isikhangeli ngoku sihlala sithumela i-User-Agent header encitshisiweyo ngaphandle kolwazi oluneenkcukacha lweqonga (umz., "Android 16; S" endaweni ka "Android 16; SM-A205U").
  • Isibuki sePDF esakhelwe ngaphakathi ngoku sixhasa ukugcina amaxwebhu kwisitoreji sefu seGoogle Drive. KwiGoogle Drive, amaxwebhu avela kwiChrome agcinwa kwifolda ethi "Saved from Chrome".
  • I-LayoutShift API, elandelela utshintsho kwindawo yezinto ze-DOM kwisikrini, itshintshelwe ekuboniseni ulwazi kwiiphikseli ze-CSS endaweni yeephikseli zesikrini. Iiphikseli ze-CSS zithathela ingqalelo i-DPI yesikrini kwaye ziyafana ngokubonakalayo kuzo zonke izikrini, kuquka iimonitha ezinobuninzi beephikseli. Olu tshintsho lwenziwe ukuze kuhambelane i-Chrome nezinye izikhangeli.
  • Indlela yeWebRequest.SecurityInfo isetyenzisiwe kwiControlled Frame API, ivumela usetyenziso lwewebhu ukuba luthintele isicelo seHTTPS, WSS, okanye seWebTransport kwiseva kwaye lufumane isiqinisekiso seminwe. umncedisi kwaye uyisebenzisele ukuqinisekisa ngesandla isatifikethi esisetyenziselwa uqhagamshelo oluthe ngqo kwiseva efanayo nge-TCP/UDP.
  • Inkxaso eyongezelelweyo yeepropathi ze-CSS ze-column-wrap kunye ne-column-height ezichazwe kwi-CSS Multi-column Layout 2 specification. Ipropathi ye-column-wrap ivumela iikholamu ukuba zisonge kumgca omtsha endaweni yokuskrola ngokuthe tye ukuba iikholamu azingeni ngaphakathi kokuphakama okuchazwe yipropathi ye-column-height.
  • Yongeze ipropathi yeCSS ethi text-justify, ekuvumela ukuba ucacise uhlobo lolungelelwaniso lwesicatshulwa xa usebenzisa i-"text-align: justify";
  • Iimpawu ze-CSS zokwahlulwa koonobumba kunye ne-word-spacing zikuvumela ukuba uchaze ubungakanani bokwahlulwa koonobumba njengepesenti.
  • Izinto zeJavaScript Map kunye neWeakMap ziphumeza inkcazo ye "upsert", zenza kube lula umsebenzi ngeengqokelela zee-key/value pairs. Iindlela ze-getOrInsert kunye ne-getOrInsertComputed zongezwe, zibuyisela ixabiso esele likwingqokelela edibene nesitshixo esichaziweyo okanye zenze ingeniso entsha ukuba isitshixo asifumaneki.
  • Ukuphunyezwa kwe-IndexedDB API kubhalwe ngokutsha kusetyenziswa isiseko sedatha se-SQLite njenge-backend (ukuphunyezwa kwangaphambili kuxhomekeke kwi-LevelDB kwiifayile ezahlukeneyo). Ukuphunyezwa okutsha okwangoku kusetyenziswa kuphela kwiimeko zememori, njengakwimo ye-incognito.
  • Kuphuculwe izixhobo zabaphuhlisi bewebhu. Ukukwazi ukunciphisa isantya sezicelo zenethiwekhi nganye ngoku kuyasebenza ngokuzenzekelayo kwiphaneli ethi "Iimeko zesicelo" ye-interface yokuhlola inethiwekhi.

Ukongeza kwiimpawu ezintsha kunye nokulungiswa kweempazamo, le nguqulelo intsha ijongana neengozi ezili-11. Uninzi lweengozi luchongiwe ngovavanyo oluzenzekelayo olusebenzisa i-AddressSanitizer, i-MemorySanitizer, i-Control Flow Integrity, i-LibFuzzer, kunye ne-AFL. Akukho micimbi ibalulekileyo enokuvumela ukudlula zonke iileya zokhuseleko lwesiphequluli kunye nokusebenzisa ikhowudi ngaphandle kwendawo yesanti ichongiwe. Njengenxalenye yenkqubo yayo ye-vulnency bounty yokukhutshwa kwangoku, iGoogle imisele imivuzo eli-11 kwaye inike i-$18,500 (umvuzo omnye ngamnye we-$8000, $5000, $2000, kunye ne-$500, kunye nemivuzo emithathu ye-$1000). Isixa semivuzo emine asikamiselwa okwangoku.

umthombo: opennet.ru

Thenga ukusingathwa okuthembekileyo kwiindawo ezinokhuseleko lweDDoS, iiseva zeVPS VDS 🔥 Thenga ukusingathwa kwewebhusayithi okuthembekileyo ngokhuseleko lwe-DDoS, iiseva zeVPS VDS | ProHoster