I-ProHoster > Блог > izindaba ze-inthanethi > I-Chrome 86

I-Chrome 86

Ukukhishwa okulandelayo kwe-Chrome 86 nokukhishwa okuzinzile kwe-Chromium kukhululiwe.

Izinguquko ezibalulekile ku-Chrome 86:

  • isivikelo ekuthunyelweni okungaphephile kwamafomu okokufaka emakhasini alayishwe nge-HTTPS kodwa athumela idatha nge-HTTP.
  • Ukuvimbela ukulanda okungaphephile (http) kwamafayela asebenzisekayo kuhambisana nokuvimbela ukulandwa okungaphephile kwezingobo zomlando (zip, iso, njll.) kanye nokubonisa izexwayiso zokulandwa okungaphephile kwamadokhumenti (docx, pdf, njll.). Ukuvinjwa kwedokhumenti nezixwayiso zezithombe, umbhalo, namafayela emidiya kulindeleke ekukhishweni okulandelayo. Ukuvimbela kwenziwa ngoba ukulanda amafayela ngaphandle kokubethela kungasetshenziswa ukwenza izenzo ezinonya ngokufaka okuqukethwe esikhundleni sokuhlasela kwe-MITM.
  • Imenyu yokuqukethwe ezenzakalelayo ibonisa inketho ethi "Bonisa njalo i-URL egcwele", obekudingeka ngaphambilini ukuthi kushintshwe izilungiselelo kukhasi elithi:amafulegi ukuze lisebenze. I-URL egcwele ingabuye ibukwe ngokuchofoza kabili kubha yekheli. Ake sikukhumbuze ukuthi ukuqala nge-Chrome 76, ngokuzenzakalelayo ikheli laqala ukuboniswa ngaphandle kwephrothokholi kanye nesizinda esingaphansi kwe-www. Ku-Chrome 79, isilungiselelo sokubuyisela ukuziphatha okudala sisusiwe, kodwa ngemva kokunganeliseki komsebenzisi, ifulegi elisha lokuhlola lengezwe ku-Chrome 83 elengeza inketho kumenyu yokuqukethwe ukukhubaza ukufihla nokubonisa i-URL egcwele kuzo zonke izimo.
    Emaphesentini amancane abasebenzisi, kuye kwaqaliswa ukuhlola ukuze kuboniswe isizinda kuphela kubha yekheli ngokuzenzakalela, ngaphandle kwama-elementi endlela namapharamitha wemibuzo. Isibonelo, esikhundleni sokuthi "https://example.com/secure-google-sign-in/" "example.com" izoboniswa. Imodi ehlongozwayo kulindeleke ukuthi ilethwe kubo bonke abasebenzisi kokunye kokukhishwayo okulandelayo. Ukuze ukhubaze lokhu kuziphatha, ungasebenzisa inketho ethi “Bonisa njalo i-URL egcwele”, futhi ukuze ubuke yonke i-URL, ungachofoza ibha yekheli. Inhloso yalolu shintsho isifiso sokuvikela abasebenzisi ebugebengwini obuxhaphaza amapharamitha ku-URL - abahlaseli basizakala ngokunganaki kwabasebenzisi ukuze benze ukubonakala kokuvula elinye isayithi nokwenza izenzo zokukhwabanisa (uma ukushintshwa okunjalo kubonakala kumsebenzisi onekhono lobuchwepheshe. , khona-ke abantu abangenalwazi bawela kalula ekukhohliseni okunjalo okulula).
  • Isinyathelo sokususa ukwesekwa kwe-FTP sivuselelwe. Ku-Chrome 86, i-FTP ikhutshaziwe ngokuzenzakalela cishe ku-1% wabasebenzisi, futhi ku-Chrome 87 ububanzi bokukhubaza buzokhushulelwa ku-50%, kodwa ukusekelwa kungabuyiswa kusetshenziswa i-"--enable-ftp" noma "- -enable-features=FtpProtocol" ifulegi. Ku-Chrome 88, usekelo lwe-FTP luzokhutshazwa ngokuphelele.
  • Enguqulweni ye-Android, efana nenguqulo yezinhlelo zedeskithophu, umphathi wephasiwedi usebenzisa isheke lokungena okulondoloziwe namagama-mfihlo ngokumelene nesizindalwazi sama-akhawunti onakalisiwe, abonise isexwayiso uma izinkinga zitholwa noma kwenziwa umzamo wokusebenzisa amagama ayimfihlo angasho lutho. Ukuhlolwa kwenziwa ngokumelene nesizindalwazi esihlanganisa ama-akhawunti onakalisiwe angaphezu kwezigidigidi ezi-4 avele kuzigcinilwazi zabasebenzisi eziputshuziwe. Ukuze ulondoloze ubumfihlo, isiqalo se-hashi siqinisekiswa ngasohlangothini lomsebenzisi, futhi amagama ayimfihlo ngokwawo kanye nama-hashi awo agcwele akudluliselwa ngaphandle.
  • Inkinobho "yokuhlola ukuphepha" kanye nemodi yokuvikela ethuthukisiwe kumasayithi ayingozi (Ukuphequlula Okuphephile Okuthuthukisiwe) nakho kudluliselwe enguqulweni ye-Android. Inkinobho ethi "Ukuhlola ukuphepha" ibonisa isifinyezo sezinkinga zokuphepha ezingaba khona, ezifana nokusetshenziswa kwamagama ayimfihlo onakalisiwe, isimo sokuhlola amasayithi anonya (Ukuphequlula Okuphephile), ukuba khona kwezibuyekezo ezikhishiwe, kanye nokuhlonza izengezo ezinonya. Imodi yokuvikela ethuthukisiwe yenza kusebenze ukuhlola okwengeziwe ukuze kuvikelwe ebugebengwini bokweba imininingwane ebucayi, umsebenzi oyingozi nezinye izinsongo kuwebhu, futhi ihlanganisa ukuvikeleka okwengeziwe kwe-akhawunti yakho ye-Google namasevisi e-Google (i-Gmail, IDrayivu, njll.). Uma kumodi evamile yokuphequlula okuphephile ukuhlolwa kwenziwa endaweni kusetshenziswa isizindalwazi esilayishwa ngezikhathi ezithile ohlelweni lweklayenti, bese kokuthi Ulwazi Lokuphequlula Okuthuthukisiwe olumayelana namakhasi nokulandwa ngesikhathi sangempela luthunyelwa ukuze kuqinisekiswe ngasohlangothini lwe-Google, okukuvumela ukuthi uphendule ngokushesha izinsongo ngokushesha ngemva kokukhonjwa, ngaphandle kokulinda kuze kube yilapho uhlu oluvinjelwe lwendawo lubuyekezwa.
  • Ukwesekwa okwengeziwe kwefayela lenkomba elithi ".well-known/change-password", lapho abanikazi besayithi bangacacisa khona ikheli lefomu lewebhu lokushintsha iphasiwedi. Uma imininingwane yomsebenzisi isengozini, i-Chrome manje izotshela umsebenzisi ngokushesha ngefomu lokushintsha iphasiwedi elisuselwe kulwazi olukuleli fayela.
  • Isexwayiso esisha "seThiphu Lokuphepha" sisetshenzisiwe, siboniswa lapho kuvulwa amasayithi isizinda sawo sifana kakhulu nesinye isayithi futhi i-heuristics ibonisa ukuthi kukhona amathuba aphezulu okukhwabanisa (isibonelo, i-google.com ivuliwe esikhundleni se-google.com).

    * Usekelo lwenqolobane Yokudlulela phambili luye lwasetshenziswa, lunikeza ukuzulazula okusheshayo lapho usebenzisa izinkinobho "Emuva" kanye "Dlulisa" noma lapho uzulazula emakhasini abukwe ngaphambilini esayithi yamanje. Inqolobane inikwe amandla kusetshenziswa isethingi ye-chrome://flags/#back-forward-cache.

  • Ukuthuthukisa ukusetshenziswa kwensiza ye-CPU kumawindi angaphandle kwesikophu. I-Chrome ihlola ukuthi ingabe iwindi lesiphequluli ligqitshwe ngamanye amawindi futhi ivimbela ukudweba amaphikseli ezindaweni ezigqagqene. Lokhu kulungiselelwa kunikwe amandla kumaphesenti amancane wabasebenzisi ku-Chrome 84 naku-85 futhi manje sekunikwe amandla yonke indawo. Uma kuqhathaniswa nokukhishwa kwangaphambilini, ukungahambisani nezinhlelo ze-virtualization okubangele ukuthi kuvele amakhasi amhlophe angenalutho nakho sekuxazululiwe.
  • Ukwenyuswa kokusikwa kwensiza kumathebhu angemuva. Amathebhu anjalo awasakwazi ukusebenzisa ngaphezu kuka-1% wezinsiza ze-CPU futhi angenziwa asebenze isikhathi esingaphezu kwesisodwa ngomzuzu. Ngemuva kwemizuzu emihlanu yokuba ngemuva, amathebhu ayamiswa, ngaphandle kwamathebhu adlala okuqukethwe kwe-multimedia noma okurekhodiwe.
  • Umsebenzi uqalise kabusha ekuhlanganiseni isihloko se-HTTP somenzeli womsebenzisi. Enguqulweni entsha, usekelo lwendlela yaMahinti Omenzeli Womsebenzisi, othuthukiswe esikhundleni somenzeli womsebenzisi, lwenziwa lusebenze kubo bonke abasebenzisi. Indlela entsha ihlanganisa ngokukhetha ukubuyisela idatha mayelana nemingcele ethile yesiphequluli kanye nesistimu (inguqulo, inkundla, njll.) kuphela ngemva kwesicelo seseva futhi inikeze abasebenzisi ithuba lokuhlinzeka ngolwazi olunjalo kubanikazi besayithi. Uma usebenzisa Amacebo Weklayenti Lomenzeli Womsebenzisi, isihlonzi asidluliswa ngokuzenzakalelayo ngaphandle kwesicelo esicacile, okwenza ukuhlonza okungenzi lutho kungenzeki (ngokuzenzakalelayo, kuboniswa igama lesiphequluli kuphela).
    Inkomba yokuba khona kwesibuyekezo nesidingo sokuqala kabusha isiphequluli ukuze usifake sishintshiwe. Esikhundleni somcibisholo onemibala, "Ukubuyekeza" manje kuvela kunkambu ye-avatar ye-akhawunti.
  • Kwenziwe umsebenzi wokuguqula isiphequluli ukuthi sisebenzise amagama asetshenziswayo. Emagameni enqubomgomo, igama elithi “whitelist” nelithi “blacklist” athathelwe indawo ngokuthi “uhlu lwabagunyaziwe” kanye “nohlu lokuvimbela” (izinqubomgomo esezingeziwe zizoqhubeka nokusebenza, kodwa zizobonisa isexwayiso mayelana nokuhoxiswa). Emagameni ekhodi namafayela, izinkomba ezithi "uhlu lwabamnyama" zithathelwe indawo "uhlu lokuvimba". Izinkomba ezibonakala ngabasebenzisi ze-"blacklist" kanye "nohlu olumhlophe" zishintshiwe ekuqaleni kuka-2019.
    Kwengezwe ikhono lokuhlola lokuhlela amaphasiwedi alondoloziwe, lenziwe lasebenza kusetshenziswa ifulegi elithi “chrome://flags/#edit-passwords-in-settings”.
  • I-Native File System API idluliselwe esigabeni se-API ezinzile netholakala esidlangalaleni, okukuvumela ukuthi udale izinhlelo zokusebenza zewebhu ezisebenzisana namafayela ohlelweni lwamafayela wendawo. Isibonelo, i-API entsha ingase idingeke ezindaweni ezihlanganisiwe zokuthuthukiswa okusekelwe kusiphequluli, umbhalo, izithombe nabahleli bevidiyo. Ukuze ukwazi ukubhala ngokuqondile nokufunda amafayela noma ukusebenzisa izingxoxo ukuze uvule futhi ulondoloze amafayela, kanye nokuzulazula kokuqukethwe kwezinkomba, uhlelo lokusebenza lucela umsebenzisi ukuqinisekiswa okukhethekile.
  • Kwengezwe isikhethi se-CSS ":focus-visible", esebenzisa i-heuristics efanayo esetshenziswa isiphequluli lapho sinquma ukuthi isibonise inkomba yokushintsha kokugxilile (lapho uhambisa ukugxila enkinobho kusetshenziswa izinqamuleli zekhibhodi, inkomba iyavela, kodwa uma uchofoza igundane. , akunjalo). Isikhethi se-CSS esitholakala ngaphambilini ":focus" sihlala sigqamisa ukugxila. Ngaphezu kwalokho, inketho ethi "I-Quick Focus Highlight" yengezwe kuzilungiselelo, uma inikwe amandla, inkomba eyengeziwe yokugxila izoboniswa eduze kwezinto ezisebenzayo, ezihlala zibonakala ngisho noma ama-elementi esitayela wokugxila okubukwayo avaliwe ekhasini nge-CSS. .
  • Ama-API amaningana amasha engeziwe kumodi ye-Origin Trials (izici zokuhlola ezidinga ukwenziwa kusebenze okuhlukile). I-Origin Trial isho amandla okusebenza ne-API eshiwo ezinhlelweni ezilandwe ku-localhost noma 127.0.0.1, noma ngemva kokubhalisa nokwamukela ithokheni elikhethekile elisebenza isikhathi esilinganiselwe sesayithi elithile.
  • I-WebHID API yokufinyelela okusezingeni eliphansi kumadivayisi e-HID (amadivayisi esixhumi esibonakalayo, amakhibhodi, amagundane, ama-gamepad, ama-touchpad), ekuvumela ukuthi usebenzise ingqondo yokusebenza ngedivayisi ye-HID ku-JavaScript ukuze uhlele umsebenzi ngamadivayisi angavamile we-HID ngaphandle kokuba khona abashayeli abathile ohlelweni. Okokuqala, i-API entsha ihloselwe ukuhlinzeka ngosekelo lwama-gamepad.
  • I-Screen Information API, inweba i-Window Placement API ukuze isekele ukulungiselelwa kwezikrini eziningi. Ngokungafani ne-window.screen, i-API entsha ikuvumela ukuthi ulawule ukubekwa kwewindi endaweni yonke yesikrini yamasistimu okuqapha okuningi, ngaphandle kokukhawulelwa esikrinini samanje.
  • I-Meta tag yokonga ibhethri, isayithi elingazisa ngakho isiphequluli mayelana nesidingo sokuvula amamodi ukuze kuncishiswe ukusetshenziswa kwamandla nokwandisa umthwalo we-CPU.
  • I-COOP Reporting API ukubika ukwephulwa okungenzeka kwezindlela zokuzihlukanisa ze-Cross-Origin-Embedder-Policy (COEP) kanye ne-Cross-Origin-Opener-Policy (COOP), ngaphandle kokusebenzisa imikhawulo yangempela.
  • I-Credential Management API inikeza uhlobo olusha lwemininingwane, i-PaymentCredential, enikeza isiqinisekiso esengeziwe senkokhelo eyenziwayo. Iqembu elithembekile, njengebhange, linamandla okwenza ukhiye osesidlangalaleni, i-PublicKeyCredential, engacelwa umthengisi ukuze kuqinisekiswe inkokhelo eyengeziwe evikelekile.
  • I-PointerEvents API yokunquma ukutsheka kwe-stylus* yengeze ukusekela kwama-engeli okuphakama (i-engeli ephakathi kwe-stylus nesikrini) kanye ne-azimuth (i-engeli ephakathi kwe-eksisi engu-X kanye nokuboniswa kothiyo esikrinini), esikhundleni Ama-engeli e-TiltX kanye ne-TiltY (ama-engeli aphakathi kwendiza esuka kustylus neyodwa yezimbazo kanye nendiza esuka kuzimbazo zika-Y kanye no-Z). Kungezwe nemisebenzi yokuguqula phakathi kwe-altitude/azimuth kanye ne-TiltX/TiltY.
  • Kushintshwe umbhalo wekhodi wesikhala kuma-URL lapho ubala kuzibambi zephrothokholi - indlela ye-navigator.registerProtocolHandler() manje ithatha indawo yezikhala ngo-"%20" esikhundleni sika-"+", ehlanganisa ukuziphatha nezinye iziphequluli ezifana ne-Firefox.
  • I-pseudo-element "::marker" yengezwe ku-CSS, okukuvumela ukuthi wenze ngendlela oyifisayo umbala, usayizi, ukwakheka kanye nohlobo lwezinombolo namachashazi ukuze uthole uhlu lwamabhulokhi. Futhi .
  • Ukwesekwa okwengeziwe kwesihloko se-Document-Policy HTTP, esikuvumela ukuthi usethe imithetho yokufinyelela amadokhumenti, efana nendlela yokuhlukanisa ye-sandbox yama-iframe, kodwa ngaphezulu kwendawo yonke. Isibonelo, ngeNqubomgomo Yedokhumenti ungakhawulela ukusetshenziswa kwezithombe zekhwalithi ephansi, ukhubaze i-JavaScript APIs enensayo, ulungise imithetho yokulayisha ama-iframe, izithombe nemibhalo, ukhawulele usayizi wedokhumenti uwonke kanye nethrafikhi, unqabele izindlela eziholela ekudwetshweni kabusha kwekhasi, futhi khubaza umsebenzi we-Scroll-To-Text.
  • Ku-elementi ungeze usekelo lwamapharamitha 'e-inline-grid', 'igridi', 'inline-flex' kanye 'ne-flex' asethwe ngesakhiwo se-CSS 'sokubonisa'.
  • Kwengezwe indlela ye-ParentNode.replaceChildren() yokushintshanisa zonke izingane zenodi yomzali kwenye indawo ye-DOM. Ngaphambilini, ungasebenzisa inhlanganisela ye-node.removeChild() kanye ne-node.append() noma i-node.innerHTML kanye ne-node.append() ukuze umiselele amanodi.
  • Ububanzi bezikimu ze-URL ezingakhishwa kusetshenziswa irejistaProtocolHandler() bunwetshiwe. Uhlu lwezinhlelo lubandakanya amaphrothokholi ahlukaniselwe i-cabal, i-dat, i- did, i-dweb, i-ethereum, i-hyper, i-ipfs, i-ipns ne-ssb, ekuvumela ukuthi uchaze izixhumanisi zama-elementi ngokunganaki isayithi noma isango elinikeza ukufinyelela kunsiza.
  • Ukwesekwa okwengeziwe kwefomethi yombhalo/html ku-Asynchronous Clipboard API ukuze kukopishwe futhi kunamathiselwe i-HTML ngebhodi lokunamathisela (izakhiwo ze-HTML eziyingozi ziyahlanzwa lapho kubhalwa futhi kufundwa ebhodini lokunamathisela). Ushintsho, isibonelo, lukuvumela ukuthi uhlele ukufakwa nokukopishwa kombhalo ofomethiwe ngezithombe nezixhumanisi kubahleli bewebhu.
  • I-WebRTC yengeze amandla okuxhuma izibambi zayo zedatha, ebizwa ezigabeni zokufaka ikhodi noma zokuqopha ze-WebRTC MediaStreamTrack. Isibonelo, leli khono lingasetshenziswa ukwengeza usekelo lokubethela ngasemaphethelweni kwedatha edluliswa ngamaseva amaphakathi.
    Enjinini ye-V8 JavaScript, ukusetshenziswa kwe-Number.prototype.toString kusheshiswe ngo-75%. Kwengezwe impahla yegama elithi .name kumakilasi angavumelaniyo anenani elingenalutho. Indlela ye-Atomics.wake isusiwe, eyake yaqanjwa kabusha ngokuthi i-Atomics.yazisa ukuze ihambisane nokucaciswa kwe-ECMA-262. Ikhodi yethuluzi lokuhlola elixakayo i-JS-Fuzzer ivuliwe.
  • I-Liftoff baseline compiler ye-WebAssembly ekhishwe ekukhishweni kokugcina ihlanganisa ikhono lokusebenzisa imiyalelo yevektha ye-SIMD ukuze kusheshiswe izibalo. Uma sibheka izivivinyo, ukwenza ngcono kwenza kwaba nokwenzeka ukusheshisa ezinye izivivinyo izikhathi ezingu-2.8. Okunye ukulungiselelwa kukwenze kwashesha kakhulu ukubiza imisebenzi ye-JavaScript engenisiwe kusuka ku-WebAssembly.
  • Amathuluzi onjiniyela bewebhu anwetshiwe: Iphaneli Yemidiya yengeze imininingwane mayelana nabadlali abasetshenziswa ukudlala ividiyo ekhasini, okuhlanganisa idatha yomcimbi, amalogi, amanani ezakhiwo kanye nemingcele yokuqoshwa kozimele (isibonelo, unganquma izimbangela zohlaka ukulahlekelwa kanye nezinkinga zokusebenzisana ezivela ku-JavaScript) .
  • Kumenyu yokuqukethwe yephaneli ye-Elements, ikhono lokudala izithombe-skrini zento ekhethiwe lingeziwe (isibonelo, ungakha isithombe-skrini sethebula lokuqukethwe noma ithebula).
  • Kukhonsoli yewebhu, iphaneli yesixwayiso senkinga ithathelwe indawo umlayezo ojwayelekile, futhi izinkinga ezinamakhukhi ezinkampani zangaphandle zifihlwa ngokuzenzakalelayo kuthebhu yezinkinga futhi zinikwe amandla ngebhokisi lokuhlola elikhethekile.
  • Kuthebhu ethi Ukunikezwa, inkinobho ethi “Khubaza amafonti endawo” yengeziwe, ekuvumela ukuthi ulingise ukungabikho kwamafonti endawo, futhi kuthebhu yezinzwa usungakwazi manje ukulingisa ukungasebenzi komsebenzisi (kuzinhlelo zokusebenza ezisebenzisa i-Idle Detection API).
  • Iphaneli yohlelo lokusebenza ihlinzeka ngolwazi oluningiliziwe mayelana ne-iframe ngayinye, iwindi elivuliwe, nezigelekeqe, okuhlanganisa ulwazi mayelana nokuhlukaniswa kwe-Cross-Origin kusetshenziswa i-COEP ne-COOP.

Ukuqaliswa kwephrothokholi ye-QUIC sekuqalile ukuthathelwa indawo inguqulo ethuthukiswe ekucacisweni kwe-IETF, esikhundleni senguqulo ye-Google ye-QUIC.
Ngokungeziwe ezenzweni ezintsha nokulungiswa kweziphazamisi, inguqulo entsha isusa ubungozi obungu-35. Ubungozi obuningi buhlonzwe njengomphumela wokuhlolwa okuzenzakalelayo kusetshenziswa i-AddressSanitizer, MemorySanitizer, Control Flow Integrity, LibFuzzer kanye namathuluzi e-AFL. Ukuba sengozini okukodwa (i-CVE-2020-15967, ukufinyelela kumemori ekhululiwe ngekhodi yokusebenzelana ne-Google Payments) kumakwa njengokubalulekile, i.e. ikuvumela ukuthi udlule wonke amazinga okuvikela isiphequluli futhi wenze ikhodi kusistimu engaphandle kwendawo ye-sandbox. Njengengxenye yohlelo lokukhokha imiklomelo yemali ngokuthola ubungozi ekukhishweni kwamanje, i-Google ikhokhele imiklomelo engu-27 ebiza u-$71500 (umklomelo owodwa ongu-$15000, imiklomelo emithathu ka-$7500, imiklomelo emihlanu ka-$5000, imiklomelo emibili engu-$3000, umklomelo owodwa wama-$200 kanye nemiklomelo emibili yama-$500). Usayizi wemiklomelo eyi-13 awakanqunywa.

Ithathwe ku I-Opennet.ru

Source: linux.org.ru

Engeza amazwana