Chrome 102 release

Google has unveiled the release of the Chrome 102 web browser. At the same time, a stable release of the free Chromium project, which serves as the basis of Chrome, is available. The Chrome browser differs from Chromium in its use of Google logos, the presence of a system for sending notifications in case of a crash, modules for playing copy-protected video content (DRM), a system for automatically installing updates, permanently enabled Sandbox isolation, the supply of keys to the Google API and the passing of RLZ parameters when searching. For those who need more time to update, the Extended Stable branch is supported separately and is maintained for 8 weeks. The next release, Chrome 103, is scheduled for June 21.

Key changes in Chrome 102:

  • To block exploitation of vulnerabilities caused by access to already freed memory blocks (use-after-free), the MiraclePtr (raw_ptr) type has started to be used in place of ordinary pointers. MiraclePtr provides a wrapper over pointers that performs additional checks on accesses to freed memory areas and crashes if such an access is detected. The impact of the new protection method on performance and memory consumption is assessed as negligible. The MiraclePtr mechanism is not applied in all processes, in particular it is not used in rendering processes, but it can significantly improve security. For example, in the current release, of the 32 vulnerabilities fixed, 12 were caused by use-after-free problems.
  • The design of the interface with download information has been changed. Instead of the bottom bar with download progress data, a new indicator has been added to the panel with the address bar; clicking it shows the progress of file downloads and a history listing the files already downloaded. Unlike the bottom panel, the button is always shown on the panel and gives quick access to the download history. The new interface is currently offered by default only to some users and will be extended to everyone if there are no problems. To bring back the old interface or turn on the new one, the “chrome://flags#download-bubble” setting is provided.
  • When searching for images through the context menu (“Search image with Google Lens” or “Find with Google Lens”), the results are now shown not on a separate page but in a sidebar next to the content of the original page (in one window you can see both the page content and the result of the search engine query at the same time).
  • In the “Privacy and security” section of the settings, a “Privacy Guide” section has been added, which gives an overview of the main settings that affect privacy, with detailed explanations of the effect of each setting. For example, in this section you can define the policy for sending data to Google services and manage synchronization, cookie handling and history saving. The feature is offered to some users; to enable it, you can use the “chrome://flags#privacy-guide” setting.
  • Structuring of the history of searches and viewed pages is provided. When you try to search again, a “Resume your journey” hint is shown in the address bar, letting you continue the search from the point where it was interrupted last time.
  • The Chrome Web Store offers an “Extensions Starter Kit” page with an initial selection of recommended add-ons.
  • In test mode, sending of a CORS (Cross-Origin Resource Sharing) authorization request to the main site's server with the header “Access-Control-Request-Private-Network: true” is enabled when a page accesses a resource on the internal network (192.168.x.x, 10.x.x.x, 172.16.x.x) or on localhost (128.x.x.x). When confirming the operation in response to this request, the server must return the header “Access-Control-Allow-Private-Network: true”. In Chrome 102 the result of the confirmation does not affect the handling of the request: if there is no confirmation, a warning is shown in the web console, but the subresource request itself is not blocked. Blocking when the server gives no confirmation is not expected to be enabled before the release of Chrome 105. To enable blocking in earlier releases, you can turn on the setting “chrome://flags/#private-network-access-respect-preflight-results”.

    Confirmation of authority by the server was introduced to strengthen protection against attacks that involve access to resources on the local network or on the user's computer (localhost) from scripts loaded when a site is opened. Such requests are used by attackers to carry out CSRF attacks on routers, access points, printers, corporate web interfaces and other devices and services that accept requests only from the local network. To protect against such attacks, if any subresources are accessed on the internal network, the browser will send an explicit request for permission to load these subresources.

  • When links are opened in incognito mode through the context menu, some parameters that affect privacy are automatically removed from the URL.
  • The update delivery strategy for Windows and Android has been changed. To compare the behaviour of the new and old releases more fully, several builds of the new version are now made available for download.
  • Network partitioning technology has been stabilized to protect against methods of tracking user movements between sites that rely on storing identifiers in areas not intended for permanent storage of information (“Supercookies”). Because cached resources are stored in a common namespace regardless of the source domain, one site can determine that another site has loaded a resource by checking whether that resource is in the cache. The protection is based on network segmentation (Network Partitioning), the essence of which is adding to shared caches an additional binding of records to the domain from which the main page was opened, which limits the cache coverage for movement-tracking scripts to the current site only (a script from an iframe will not be able to check whether a resource was loaded from another site). State partitioning covers network connections (HTTP/1, HTTP/2, HTTP/3, websocket), the DNS cache, ALPN/HTTP2, TLS/HTTP3 data, configuration, downloads and Expect-CT header information.
  • For installed standalone web applications (PWA, Progressive Web App), it is now possible to change the layout of the window title area using Window Controls Overlay components, which extend the web application's screen area to the entire window. The web application can control rendering and input handling for the whole window, except for the overlay block with the standard window control buttons (close, minimize, maximize), to give the web application the look of an ordinary desktop application.
  • In the autofill system, support has been added for generating virtual credit card numbers in fields with payment details for goods in online stores. Using a virtual card, whose number is generated for each payment, lets you avoid passing on data about the real credit card, but requires the bank to provide the necessary service. This feature is currently available only to customers of US banks. To control whether the feature is enabled, the “chrome://flags/#autofill-enable-virtual-card” setting is proposed.
  • The “Capture Handle” mechanism is enabled by default, allowing information to be passed to applications that capture video. The API makes it possible to organize interaction between applications whose content is being recorded and the applications doing the recording. For example, a video conferencing application that captures video to broadcast a presentation can obtain information about the presentation controls and display them in the video window.
  • Support for speculation rules is enabled by default, providing a flexible syntax for determining whether link-related data can be loaded proactively before the user clicks the link.
  • The mechanism for packing resources into packages in the Web Bundle format has been stabilized, which makes it possible to load a large number of accompanying files (CSS styles, JavaScript, images, iframes) more efficiently. Unlike packages in the Webpack format, the Web Bundle format has the following advantages: it is not the package itself that is stored in the HTTP cache but its component parts; compilation and execution of JavaScript start without waiting for the package to be fully downloaded; additional resources such as CSS and images may be included, which in webpack would have to be encoded as JavaScript strings.
  • A PWA application can be defined as a handler for certain MIME types and file extensions. After the binding is defined through the file_handlers field in the manifest, the application will receive a special event when the user tries to open a file associated with the application.
  • A new inert attribute has been added that lets you mark part of the DOM tree as “inactive”. For DOM nodes in this state, text selection and pointer hover handlers are disabled, i.e. the pointer-events and user-select CSS properties are always set to 'none'. If a node could be edited, in inert mode it becomes non-editable.
  • The Navigation API has been added, which lets web applications intercept navigation operations in the window, initiate navigation and analyze the history of actions with the application. The API provides an alternative to the window.history and window.location properties, optimized for single-page web applications.
  • A new value, “until-found”, is proposed for the “hidden” attribute; it makes the element searchable on the page and scrollable to by text mask. For example, you can add hidden text to the page whose content will be found by local search.
  • In the WebHID API, which is designed for low-level access to HID devices (human interface devices: keyboards, mice, gamepads, touchpads) and for organizing work without specific drivers being present in the system, the exclusionFilters property has been added to the requestDevice() object; it lets you exclude certain devices when the browser shows the list of available devices. For example, you can exclude the IDs of devices that have known problems.
  • Displaying a payment form through a call to PaymentRequest.show() is no longer allowed without an explicit user action, for example a click on an element associated with the handler.
  • Support for the alternative implementation of SDP (Session Description Protocol) used to establish a session in WebRTC has been discontinued. Chrome offered two SDP variants: one unified with other browsers and one specific to Chrome. From now on only the portable variant remains.
  • Improvements have been made to the tools for web developers. Buttons have been added to the Styles panel to emulate the use of dark and light themes. Protection of the Preview tab in network inspection mode has been strengthened (Content Security Policy is enabled). The debugger implements script termination to reload breakpoints. An initial implementation of a new “Performance insights” panel is proposed, which lets you analyze the performance of specific operations on the page.
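
The cache probe that the network partitioning item above describes, modelled with a toy cache keyed first by resource URL alone and then by the top-level site as well. This is an added example, not Chromium's implementation; the class, the function name and the example.test URLs are constructed for illustration, and the "site" is simplified to scheme plus host.

```javascript
// Toy model of an HTTP cache (constructed; not Chromium's implementation).
class ModelCache {
  constructor(partitioned) {
    this.partitioned = partitioned;
    this.entries = new Map();
  }

  // Simplified "site": scheme + host of the top-level page. Real browsers use
  // scheme + registrable domain, which needs the Public Suffix List.
  static site(url) {
    const u = new URL(url);
    return `${u.protocol}//${u.hostname}`;
  }

  // Unpartitioned: the key is the resource URL only (one shared namespace).
  // Partitioned: the key is additionally bound to the top-level site.
  key(topLevelUrl, resourceUrl) {
    return this.partitioned
      ? `${ModelCache.site(topLevelUrl)} ${resourceUrl}`
      : resourceUrl;
  }

  // Returns "hit" or "miss"; a miss stores the entry, as a network fetch would.
  fetch(topLevelUrl, resourceUrl) {
    const k = this.key(topLevelUrl, resourceUrl);
    if (this.entries.has(k)) return "hit";
    this.entries.set(k, true);
    return "miss";
  }
}

// Scenario from the text: can a script running under site B (directly or in
// an iframe, the top-level page is still B) tell that site A loaded a resource?
function probeAfterVisit(partitioned) {
  const cache = new ModelCache(partitioned);
  const resource = "https://cdn.example.test/logo.png";
  cache.fetch("https://a.example.test/", resource);        // user visits site A
  return cache.fetch("https://b.example.test/", resource); // probe under site B
}
```

With the shared namespace the probe returns "hit" and reveals the earlier visit; with the partitioned key it returns "miss", because the entry stored under site A is invisible from site B.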

In addition to new features and bug fixes, the new version eliminates 32 vulnerabilities. Many of the vulnerabilities were identified as a result of automated testing with the AddressSanitizer, MemorySanitizer, Control Flow Integrity, LibFuzzer and AFL tools. One of the problems (CVE-2022-1853) has been assigned the critical danger level, which implies the ability to bypass all levels of browser protection and execute code on the system outside the sandbox environment. Details about this vulnerability have not yet been disclosed; it is known only that it is caused by access to a freed memory block (use-after-free) in the implementation of the Indexed DB API.

As part of the program for paying cash rewards for discovering vulnerabilities in the current release, Google paid 24 awards worth $65600 (one award of $10000, one award of $7500, two awards of $7000, three awards of $5000, four awards of $3000, two awards of $2000, and two awards of $1000, $500 bonuses). The size of 7 awards has not yet been determined.

Source: opennet.ru
