Chrome Release Summary

Chrome version: 132, 131, 130, 129, 128, 127, 126, 125, 124, 123, 122, 121, 120, 119, 118, 117, 116, 115, 114, 113, 112, 111, 110, 109, 108, 107, 106, 105, 104, 103, 102, 101, 100, 99, 98, 97, 96, 95, 94, 93, 92, 91, 90, 89, 88, 87, 86, 85, 84, 83, 82, 81, 80, 79, 78, 77, 76, 75, 74, 73, 72, 71, 70, 69, 68, 67, 66, 65, 64, 63, 62, 61, 60, 59, 58, 57, 56, 55, 54, 53, 52, 51, 50, 49, 48, 47, 46, 45, 44, 43, 42, 41, 40, 39, 38, 37, 36, 35, 34, 33, 32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17, 16, 15, 14, 13, 12, 11, 10, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0

Chrome 110

Enabled (15) | Origin Trial (0) | Behind a flag (0) | Deprecated (0) | Removed (2)

Enabled by default in 110

This release of Chrome had 15 new features.

AudioContext.setSinkId()

AudioContext.setSinkId sets the ID of the audio device to use for output. This allows the AudioContext to route audio to a connected output device of user's choosing. #

This feature was specified in this Spec.

CSS Initial Letters

Enables a typographic decoration called "initial letter" or "drop caps." Initial letters are large, decorative letters that have been used to start new sections of text since before the invention of printing. In fact, their use predates lowercase letters entirely. #

This feature was specified in this Spec.

Resources

Docs: https://bit.ly/3KzJ27G

Samples: https://output.jsbin.com/basukanebo/1

Client Hints persistency in Android WebView

We aim to add support for persistent Client Hints to Android Webview for parity with the rest of the platform. For more details on the Client Hints system see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Client_hints #

This feature was specified in this Spec.

FedCM: cross-origin iframe support

Adds cross-origin iframe support for the FedCM API via a permissions policy. It enables websites to sandbox the scripts from identity providers which trigger the FedCM API in a cross-origin iframe, so that they do not have full control over the whole page. This also allows use cases where it is the iframe itself which requires a sign-in from the user. In both cases, the parent frame must provide the iframe with the permissions policy 'identity-credentials-get'. #

This feature was specified in this Spec.

Resources

No linked docs

Samples: https://fedcm-main-frame.glitch.me

FileSystemHandle.remove() method

A "remove self" method for a FileSystemHandle. Currently, it is not possible to remove a file or directory given its handle. You must obtain the handle of the parent directory and call FileSystemDirectoryHandle.removeEntry(). This method enables the common use case where you obtain a file handle from showSaveFilePicker(), but then decide you don't want to save after all, and delete the file. #

This feature was specified in this Spec.

Iframe credentialless

Iframe credentialless give developers a way to load documents in third party iframes using new and ephemeral contexts. Iframe credentialless are a generalization of COEP credentialless to support 3rd party iframes that may not deploy COEP. Like with COEP credentialless, we replace the opt-in of cross-origin subresources by avoiding to load non-public resources. This will remove the constraint that 3rd party iframes must support COEP in order to be embedded in a COEP page and will unblock developers looking to adopt cross-origin-isolation. This way, developers using COEP can now embed third party iframes that do not. #

This feature was specified in this Spec.

Resources

Docs: https://docs.google.com/document/d/1poI75BaQ9aqcMGJn_K01-QHsQQbEOwRWvg3Af4VWTmY/edit

Samples: https://anonymous-iframe.glitch.me

Methods that change Array and TypedArray by copy

Provides additional methods on Array.prototype and TypedArray.prototype to enable changes on the array by returning a new copy of it with the change. #

This feature was specified in this Spec.

Prefetching triggered by the speculation rules API

Prefetching fetches the main resource for a future navigation, keeping it in memory so that it can be used to speed up the next navigation. This launch includes both same-site prefetching, and cross-site prefetching in the case where no credentials are present for the destination site. #

This feature was specified in this Spec.

Private network access for workers: warning-only mode

Applies Private Network Access checks to web workers: dedicated workers, shared workers and service workers. These checks apply to all worker-specific fetches: - initial worker script fetch - fetch within workers - service worker script update fetch If the fetch is from an insecure context, we'd show a warning in DevTools. If the fetch is from a secure context, we'd send a preflight. If the preflight fails, we'll also show a warning in DevTools. #

This feature was specified in this Spec.

Resources

Docs: https://docs.google.com/document/d/1fFSY8bExYZvKTDBBS0flry6E6Ihn63HOr0JhD2fB7ko/edit

No linked samples

Secure Payment Confirmation - Opt-Out Support

Adds an 'opt-out' flow to Secure Payment Confirmation. When the (optional) input flag is set, the SPC UXes will render an 'opt-out' link of some sort that the user can interact with to indicate to the relying party that they wish to be opted out. See https://github.com/w3c/secure-payment-confirmation/issues/172 #

This feature was specified in this Spec.

Resources

Docs: https://github.com/w3c/secure-payment-confirmation/issues/172

Samples: https://rsolomakhin.github.io/pr/spc-opt-out

Speculation rules: Content Security Policy extension

Speculation rules are inlined in script tags, but their use will be restricted by Content Security Policy as unsafe inline scripts even if the speculation rules are safe. So, we extend the Content Security Policy to have a new source keyword, ‘inline-speculation-rules’, for inline uses of speculation rules. With this new keyword, we can permit inline speculation rules without permitting inline scripts. #

This feature was specified in this Spec.

TLS ClientHello extension permutation

Randomize the order of TLS ClientHello extensions, to reduce potential ecosystem brittleness. This change is only visible to HTTPS server implementers. #

This feature was specified in this Spec.

Resources

Docs: https://docs.google.com/document/d/13hbMJDFU8kZ_qtLukNYoWZOEnr0wRKeP6XBmY_TQ0B4/edithttps://github.com/dadrian/clienthello-randomization/blob/main/EXPLAINER.md

No linked samples

Use Non-Transitional IDNA Processing in URLs

Enable IDNA 2008 in Non-Transitional Mode for URL processing, aligning Chrome's behavior with Firefox and Safari. Chrome currently uses IDNA 2008 in Transitional Mode in URL processing. The main difference between Transitional and Non-Transitional Mode is the handling of four characters known as deviation characters: ß (LATIN SMALL LETTER SHARP S), ς (GREEK SMALL LETTER FINAL SIGMA), ZWJ (Zero width joiner) and ZWNJ (Zero width non-joiner). In Transitional mode, deviation characters are handled the same as IDNA2003: ß is mapped to ss, ς is mapped to σ, and ZWJ and ZWNJ are deleted. In Non-Transitional mode, domains containing these characters are allowed in domain names without mapping, and thus can resolve to different IP addresses. For example, typing "faß.de" in Chrome and Firefox opens different sites today. Enabling Non-Transitional IDNA in Chrome will allow deviation characters in domain names. Firefox and Safari already made this change in 2016 and continue to use Non-Transitional URL processing. #

This feature was specified in this Spec.

Web app launch handler

Add a "launch_handler" web app manifest member that enables web apps to customize their launch behavior across all types of app launch triggers. Example usage: { "name": "Example app", "start_url": "/index.html", "launch_handler": { "client_mode": "navigate-existing" } } This will cause all launches of the Example app to focus an existing app window and navigate it (if it exists) instead of always launching a new app window. #

This feature was specified in this Spec.

web-share permission policy

Controls access to navigator.share(). By default, third-party iframes do not have permission to use the Web Share API. #

This feature was specified in this Spec.

Resources

Docs: https://w3c.github.io/web-share

Samples: https://scrawny-bottlenose-somersault.glitch.me/share-from-iframes.html

Origin Trials in-progress in 110

This release of Chrome had 0 new origin trials.

Flagged features in 110

This release of Chrome had 0 are available behind a flag.

Deprecations and Removals

Deprecation policy

To keep the platform healthy, we sometimes remove APIs from the Web Platform which have run their course. There can be many reasons why we would remove an API, such as:

Some of these changes will have an effect on a very small number of sites. To mitigate issues ahead of time, we try to give developers advanced notice so they can make the required changes to keep their sites running.

Chrome currently has a process for deprecations and removals of API's, essentially:

You can find a list of all deprecated features on chromestatus.com using the deprecated filter and removed features by applying the removed filter. We will also try to summarize some of the changes, reasoning, and migration paths in these posts.

Deprecated features in 110

This release of Chrome had 0 features deprecated.

Removed features in 110

This release of Chrome had 2 features removed.

Deprecate and remove WebSQL in non-secure contexts

We intend to deprecate and remove usage of WebSQL in non-secure contexts. Deprecation: M105 Removal: M110 #

This feature was specified in this Spec.

Features: Remove window.webkitStorageInfo

We propose to remove support for the legacy storage quota API, window.webkitStorageInfo. Originally introduced in 2011, Chrome implemented the prefixed quota API which was immediately succeeded by the Quota API which as since been deprecated as well. The legacy storage quota API was never implemented by any other browser, and has been marked deprecated since 2013. #

This feature was specified in this Spec.