Cookies op Tweakers

Tweakers maakt gebruik van cookies, onder andere om de website te analyseren, het gebruiksgemak te vergroten en advertenties te tonen. Door gebruik te maken van deze website, of door op 'Ga verder' te klikken, geef je toestemming voor het gebruik van cookies. Wil je meer informatie over cookies en hoe ze worden gebruikt, bekijk dan ons cookiebeleid.

Meer informatie

Software-update: Google Chrome 63.0.3239.84

Google Chromelogo (75 pix) Google heeft versie 63 van zijn webbrowser Chrome uitgebracht. Google Chrome is beschikbaar voor Windows, Linux en macOS. Er zijn ook versies voor Android en iOS, maar die volgen een iets ander releaseschema. Sinds versie 50 is de ondersteuning voor oudere versies van Windows en macOS vervallen. De belangrijkste veranderingen en verbeteringen die in versie 63 zijn aangebracht zijn hieronder voor je op een rijtje gezet.

Dynamic module imports

Currently, importing JavaScript modules is completely static, and developers cannot import modules based on runtime conditions, like whether a user is logged in. Starting in this release, the import(specifier) syntax now allows developers to dynamically load code into modules and scripts at runtime. This  can be used for lazy loading a script only when it’s needed, which improves performance of the application

Async iterators and generators

Writing code that does any sort of iteration with async functions can be inelegant. The new async generator functions using the async iteration protocol are now available to help developers streamline the consumption or implementation of streaming data sources. Async iterators can be used in for loops and also to create custom async iterators through async iterator factories.

Device Memory API

It’s challenging for developers to create one user experience that can work across all devices, due to varying device capabilities. The new Device Memory JavaScript API helps developers with this challenge by using the total RAM on a user’s machine to provide insights into device constraints. This insight enables developers to tailor content at runtime in accordance with hardware limitations. For example, developers can serve a “lite” app to users on low-end devices, resulting in better experiences and fewer frustrations. The Device Memory API can also be used to add context to metrics, such as the amount of time a task takes to complete in JavaScript, through the lens of device memory.

Permissions UI changes

When websites need special permissions from a user, they trigger a permission request. Currently these permission requests appear in Chrome for Android as ignorable banners at the bottom of the screen, and developers often show them without considering whether the user has the appropriate context to grant the permission. This results in a distracting user experience, and users ignore or temporarily dismiss these permission prompts more than 90% of the time.

In Chrome 59, we started to address this problem by temporarily blocking a permission if the user dismisses the request three times. As a next step, in this release Chrome for Android now presents permission requests as modal dialogs. This change reduces the overall number of permission prompts by 50%. It also makes users 5 times more likely to accept or deny requests, rather than temporarily dismissing or repeatedly ignoring them. To ensure users understand the permission request, developers should present users with permission requests at an appropriate time, as we’ve found that users were 2.5 times more likely to grant permission to a site that ask for permissions with context.

Other features in this release Blink > Bindings Blink > CSS
  • Developers can now make pixel-level adjustments using the new Q length unit, which is especially useful on small viewports.
  • Developers can now prevent apps from using Chrome’s pull-to-refresh feature or create custom effects using  overscroll-behavior, which allows changing the browser’s behavior once the scroller has reached its full extent.
Blink > Fonts Blink > HTML
  • To improve interoperability, Chrome will fire  beforeprint and afterprint events as part of the printing standard, allowing developers to to annotate the printed copy and edit the annotation after the printing command is done executing.
Blink > JavaScript
  • Using Promise.prototype.finally, a callback can now be registered to be invoked after a Promise has been fulfilled or rejected.
  • The Intl.PluralRules API allows developers to build applications that understand pluralization of a given language by indicating which plural form applies for a given number and language.
Blink > MediaStream Blink > Network
  • Version 2 of NT LAN Manager (NTLM) API is now shipped, enabling applications to authenticate remote users and provide session security when requested by the application.
Blink > Sensor
  • Thanks to contributors from engineers at Intel, an Origin Trial is now available that exposes the following sensors via the new Generic Sensors API syntax: Accelerometer, LinearAccelerationSensor, Gyroscope, AbsoluteOrientationSensor, and RelativeOrientationSensor.
Blink > Storage
  • The localStorage and sessionStorage API's now use getItem() rather than an anonymous getter, so attempting to access a key using getItem() will now return null rather than undefined. Thanks to Intel for the contribution!
  • To improve developer experience, the methods on sessionStorage and localStorage such as getItem(), removeItem(), and clear() are now enumerable. Thanks to Intel for making this happen!
UI > Browser > Mobile (Android) Deprecations and interoperability improvements Blink > Bindings
  • To improve interoperability, instance properties with a Promise type now return a rejected promise instead of throwing an exception.
Blink > CSS
  • The /deep/ or >>>, selector, as well as ::shadow, are now removed from CSS dynamic profile, following their deprecation in Chrome 45.
Blink > DOM

Versienummer 63.0.3239.84
Releasestatus Final
Besturingssystemen Windows 7, Linux, macOS, Windows Vista, Windows Server 2008, Windows Server 2012, Windows 8, Windows 10
Website Google
Download https://www.google.com/chrome/browser/desktop/index.html
Licentietype GPL

Reacties (12)

Wijzig sortering
Verder zijn er een aantal belangrijke security-fixes doorgevoerd:
  • [$10500][778505] Critical CVE-2017-15407: Out of bounds write in QUIC. Reported by Ned Williamson on 2017-10-26
  • [$6337][762374] High CVE-2017-15408: Heap buffer overflow in PDFium. Reported by Ke Liu of Tencent's Xuanwu LAB on 2017-09-06
  • [$5000][763972] High CVE-2017-15409: Out of bounds write in Skia. Reported by Anonymous on 2017-09-11
  • [$5000][765921] High CVE-2017-15410: Use after free in PDFium. Reported by Luật Nguyễn (@l4wio) of KeenLab, Tencent on 2017-09-16
  • [$5000][770148] High CVE-2017-15411: Use after free in PDFium. Reported by Luật Nguyễn (@l4wio) of KeenLab, Tencent on 2017-09-29
  • [$3500][727039] High CVE-2017-15412: Use after free in libXML. Reported by Nick Wellnhofer on 2017-05-27
  • [$500][766666] High CVE-2017-15413: Type confusion in WebAssembly. Reported by Gaurav Dewan(@007gauravdewan) of Adobe Systems India Pvt. Ltd. on 2017-09-19
  • [$3337][765512] Medium CVE-2017-15415: Pointer information disclosure in IPC call. Reported by Viktor Brange of Microsoft Offensive Security Research Team on 2017-09-15
  • [$2500][779314] Medium CVE-2017-15416: Out of bounds read in Blink. Reported by Ned Williamson on 2017-10-28
  • [$2000][699028] Medium CVE-2017-15417: Cross origin information disclosure in Skia . Reported by Max May on 2017-03-07
  • [$1000][765858] Medium CVE-2017-15418: Use of uninitialized value in Skia. Reported by Kushal Arvind Shah of Fortinet's FortiGuard Labs on 2017-09-15
  • [$1000][780312] Medium CVE-2017-15419: Cross origin leak of redirect URL in Blink. Reported by Jun Kokatsu (@shhnjk) on 2017-10-31
  • [$500][777419] Medium CVE-2017-15420: URL spoofing in Omnibox. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-23
  • [$TBD][774382] Medium CVE-2017-15422: Integer overflow in ICU. Reported by Yuan Deng of Ant-financial Light-Year Security Lab on 2017-10-13
  • [$500][778101] Low CVE-2017-15423: Issue with SPAKE implementation in BoringSSL. Reported by Greg Hudson on 2017-10-25
  • [$N/A][756226] Low CVE-2017-15424: URL Spoof in Omnibox. Reported by Khalil Zhani on 2017-08-16
  • [$N/A][756456] Low CVE-2017-15425: URL Spoof in Omnibox. Reported by xisigr of Tencent's Xuanwu Lab on 2017-08-17
  • [$N/A][756735] Low CVE-2017-15426: URL Spoof in Omnibox. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-08-18
  • [$N/A][768910] Low CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox. Reported by Junaid Farhan (fb.me/junaid.farhan.54) on 2017-09-26
Verder is Chrome 63 ook uitgekomen voor Android: https://chromereleases.go...e-for-android-update.html

[Reactie gewijzigd door AnonymousWP op 7 december 2017 09:34]

Bedankt voor de info, maar misschien wat minder copy-pasta met de tekst ;)
Titel: Versie 63, tekst: "Versie 62 bevat onder meer een verbeterde Network Quality Estimator-api"
Dat stond bij de release van versie 62 ook al :p
Ik was ook nog niet klaar. Ik had in onoplettendheid het al per ongeluk on-line gezet. Ik kon overigens geen nieuwe dingen ontdekken waar heel veel mensen blij van worden, dus ik heb verder ook niets uit het changelog uitgelicht.
Even een vraag los van dit topic.
Waarom heb je als medewerker van Tweakers een anime karakter als avatar? Het oogt misschien vrij onprofessioneel voor derden.

[Reactie gewijzigd door kevinr1 op 7 december 2017 16:54]

Zoals je van mij bio gezien hebt kom ik zelf voort uit de community en doe ik dit werk al bijna 14 jaar. Ik kom dus uit een tijd dat Tweakers nog niet de professionele organisatie was die het nu is. Ik ben ook nog steeds geen "echte" werknemer, maar iemand die op freelance basis bijdragen levert. Dat geldt overigens ook voor de andere Downloads medewerker Japke.
Misschien onprofessioneel maar ik vind het eigenlijk beter. Zo heb ik het gevoel dat hij gewoon “één van ons” is en vind ik het iets informeler. Dat vind ik fijn.
Hij is volgens mij ook de enige die zjin biologie-profiel foto ook anime heeft, want nu staat het naast de reacties ook bovenaan de artikel. Wel een beetje raar, maar het geeft wel een beter gevoel van dat hij ook onderdeel is van de Tweakers community ipv alleen als journalist/auteur.
OK, dan was ik te voorbarig ;)
Ter info over Blink in de release notes, van Wikipedia: "Blink is a web browser engine developed as part of the Chromium project. Blink is a fork of the WebCore component of WebKit, which is originally a fork of the KHTML and KJS libraries from KDE. It was first announced in April 2013.".
Je kan nu met Site Isolation de sandbox van Chrome veiliger maken. Dat zorgt ervoor dat verschillende sites niet in hetzelfde proces draaien en zo van elkaar geisoleerd zijn:
https://support.google.com/chrome/a/answer/7581529
Bladwijzerbeheer is flink aangepast, het menu pas nu in de Material Design-filosofie. Wel even wennen geblazen!
Met deze update kan je als developer ook al je .dev domeinen gaan aanpassen naar bijv. "local", aangezien Google de .dev omgevingen redirecten naar een https.

"Chrome 63 (out since December 2017), will force all domains ending on .dev (and .foo) to be redirected to HTTPS via a preloaded HTTP Strict Transport Security (HSTS) header."

https://ma.ttias.be/chrom...https-via-preloaded-hsts/

Misschien was dit al bekend onder jullie :)


Om te kunnen reageren moet je ingelogd zijn


Apple iPhone X Google Pixel 2 XL LG W7 Samsung Galaxy S9 Google Pixel 2 Far Cry 5 Microsoft Xbox One X Apple iPhone 8

© 1998 - 2017 de Persgroep Online Services B.V. Tweakers vormt samen met o.a. Autotrack en Hardware.Info de Persgroep Online Services B.V. Hosting door True

*