Google heeft versie 103 van zijn webbrowser Chrome uitgebracht. Google Chrome is beschikbaar voor Windows, Linux en macOS. Er zijn ook versies voor Android en iOS, maar die volgen een iets ander releaseschema. Nieuw in versie 103 is onder meer Early Hints for Navigation, waardoor pagina's net iets sneller moeten laden en mogen webapps nu gebruikmaken van op het lokale systeem aanwezige fonts. Meer informatie over de veranderingen die in deze uitgave zijn aangebracht, naast de gebruikelijke bug- en security fixes, kan op deze pagina en hieronder worden gevonden.
Early Hints for NavigationChrome now supports the 103 Early Hints HTTP response code for navigation. (Note: the correspondence with the Chrome release number is a coincidence.) When a 103 response includes
<link rel=preload>or other link headers Chromium tries to preload (and/or preconnect, prefetch) specified resources before the final response is received. This gives web developers a way to optimize core web vitals such as Largest Contentful Paint (LCP).HTTP/2 introduced the concept of server push, a mechanism that allows a server to preemptively send data to the client. Server push was intended to improve site performance. In the years since, developers have generally preferred preloading from the client side of a web interaction. 103 early hints for navigation provides a new way to do that.
For information on the work that went into bringing this to the web, see Beyond Server Push: The 103 Early Hints Status Code.
Origin TrialsOrigin trials allow you to try new features and give feedback on usability, practicality, and effectiveness to the web standards community. To register for any of the origin trials currently supported in Chrome, including the ones described below, visit the Chrome Origin Trials dashboard. To learn more about origin trials in Chrome, visit the Origin Trials Guide for Web Developers. Microsoft Edge runs its own origin trials separate from Chrome. To learn more, see the Microsoft Edge Origin Trials Developer Console.
New Origin Trials Federated Credentials ManagementThe Federated Credential Management API allows users to log in to websites with their federated accounts in a privacy preserving manner. It allows the browser to understand the context in which the relying party and identity provider exchange information, inform the user about the information and privilege levels being shared and prevent unintended abuse. For more information, see Participate in a Federated Credential Management API origin trial for IdPs.
Completed Origin TrialsThe following features, previously in a Chrome origin trial, are now enabled by default.
Local Font AccessWeb applications can now enumerate local fonts and metadata about each. The new API also gives web applications access to table data stored within local fonts, allowing those fonts to be rendered within their applications using custom text stacks.
Note: The Chrome 102 beta post erroneously listed this feature as shipping in that version.
Same-Origin Prerendering Triggered by the Speculation Rules APIPrerendering loads a web page before it is needed, so that when the actual navigation to that page occurs, it can be shown instantly. To speed up page loads. Chrome's previous prerender mechanism is now replaced with No State Prefetch. No State Prefetch doesn't generally result in an instant page load experience, but the new feature does. This feature is supported on Android only.
Update User-Agent Client Hints GREASE ImplementationThe implementation of
Other Features in this Release AbortSignal.timeout() Static MethodGREASEin User Agent Client Hints is now aligned with the current spec, which includes additionalGREASEcharacters beyond the current semicolon and space, and which recommends varying the arbitrary version. This helps prevent bad assumptions from being built on top of User-Agent strings.Returns a new AbortSignal object that is automatically aborted after a given number of milliseconds. Use this method to easily implement timeouts for signal-accepting asynchronous APIs, such as
ARIA Attribute Reflection for the role Attributefetch(). For example:fetch(url, { signal: AbortSignal.timeout(10_000) });The
avif is Now a Permitted Web Share File ExtensionElementandElementInternalinterfaces now include anARIAproperty called ariaRoleDescription which returns or modifies the ARIA role attribute directly. This feature is only supported on desktop.The avif image file format is now sharable by Web Share. Adding avif to the other allowed image file types helps spread the use of it. A website might like their users to be able to share pictures and other files through social media, email, chat, etc. The Web Share API is already shipped to more platforms such as ChromeOS and Windows, but avif is not supported yet.
"deflate-raw" Compression FormatChrome supports a new compression format,
form rel Attributedeflate-raw, to give web developers access to the raw deflate stream without any headers or footers. This is needed, for example, to read and write zip files.The
popstate Fires Before Load'rel'attribute has been added to form elements. This makes it possible to preventwindow.openerfrom being present on websites navigated to by form elements which haverel=noopener. It also prevents therefererheader from being sent withrel=noreferrer.Chromium now matches Firefox and by firing
Restrict Gamepad Usagepopstateimmediately after URL changes so that the order of events is nowpopstatethenhashchangeacross both platforms. Before this change, Chromium firedhashchangeasynchronously after a task, and delayedpopstateuntil the load event. This means the event order could be eitherhashchangethenpopstate, orpopstatethenhashchange, depending on how long a document took to load.The Gampepad API now requires a secure context. Additionally a new feature policy called
SerialPort forget()'gamepad'has been added with a default allowlist of'self'.The
Support visual-box on overflow-clip-marginSerialPort forget()method allows web developers to voluntarily revoke a permission to a serial port that was granted by a user. Some sites may not be interested in retaining long-term permissions to access serial ports. For example, for an educational web application used on a shared computer with many devices, a large number of accumulated user-generated permissions creates a poor user experience. In addition to user agent mitigations to avoid this problem, such as defaulting to a session scoped permission on the first request or expiring infrequently used permissions, it should be possible for the site itself to clean up user-generated permissions it no longer needs. This follows the recent additions of aforget()method for theHIDDeviceandUSBDeviceinterfaces.The
User Activation Required for SPC Credential Enrollmentoverflow-clip-marginCSS property now supportsvisual-box, which specifies the box edge to use as the overflow clip edge origin. Valid values arecontent-box,padding-box(the default), orborder-box. Theoverflow-clip-marginproperty specifies how far an element's content is allowed to paint before being clipped.A user activation requirement has been added for Secure Payment Confirmation credential enrollment in a cross-origin iframe. This is being done to help mitigate a privacy issue.
Deprecations, and RemovalsThis version of Chrome introduces the deprecations and removals listed below. Visit ChromeStatus.com for lists of current deprecations and previous removals.
Block External Protocol in Sandboxed iframeSandboxed iframes are not blocked from opening external applications. Currently, developers sandbox untrusted content and block user navigation. Blocking probably should have also included links to external apps or to the Play store. This has now been fixed.
Sites that need navigation can add the following values to the
<iframe>element's sandbox property:Remove Battery Status API on Insecure Origins
allow-popupsallow-top-navigationallow-top-navigation-with-user-activationThe Battery Status API is no longer supported on insecure contexts, specifically HTTP pages and HTTPS iframes embedded in HTTP pages. This is being removed in accordance with our policy of deprecating powerful features on insecure origins, This also follows a spec change.
Remove <param> ElementGiven the removal of plugins from the web platform, and the relative lack of use of
<param>, it is being removed from the web platform.
:fill(white):strip_exif()/i/2002189289.jpeg?f=thumbmedium)
:strip_icc():strip_exif()/u/227665/th_petey_rawrs.jpg?f=community){kind=small}
:strip_icc():strip_exif()/u/727882/crop66e07cc209d99_cropped.jpg?f=community){kind=small}
