Cookies op Tweakers

Tweakers maakt gebruik van cookies, onder andere om de website te analyseren, het gebruiksgemak te vergroten en advertenties te tonen. Door gebruik te maken van deze website, of door op 'Ga verder' te klikken, geef je toestemming voor het gebruik van cookies. Wil je meer informatie over cookies en hoe ze worden gebruikt, bekijk dan ons cookiebeleid.

Meer informatie

Software-update: Google Chrome 70.0.3538.67

Google Chrome logo, 2018 (80 pix) Google heeft versie 70 van zijn webbrowser Chrome uitgebracht. Google Chrome is beschikbaar voor Windows, Linux en macOS. Er zijn ook versies voor Android en iOS, maar die volgen een iets ander releaseschema. Sinds versie 50 is de ondersteuning voor oudere versies van Windows en macOS vervallen. Versie 70 maakt het onder meer mogelijk om permissies voor extensies per site in te stellen. De belangrijkste veranderingen in deze uitgave, naast de gebruikelijke bug- en security fixes, zijn hieronder voor je op een rijtje gezet.

Shape Detection Origin Trial
The Shape Detection API makes a device's shape detection capabilities available on the web, letting you identify faces, barcodes, and text in images. It does this without the use of a performance-killing library. As Chrome 70, this API is available for experimentation through a Chrome origin trial. The Shape Detection API consists of three APIs: A Face Detection API, a Barcode Detection API and a Text Detection API. Given an image bitmap or a blob, the Face Detection API returns the location of faces and the locations of eyes, noses, and mouths within those faces. To give you rudimentary control of performance, you can limit the number of returned faces and prioritize speed over performance. The Barcode Detection API decodes barcodes and QR codes into strings. (There is a QR code demo at https://qrsnapper.com/) The value can be anything from a single set of digits to multi-line text. The Text Detection API reads Latin-1 text (as defined in iso8859-1) in images. All of these APIs only expose what's supported in the underlying device. A short example will give you a taste of these APIs, all of which work in a similar fashion. The code below finds all barcodes or QR codes in a given image and prints their values to the console.
const image = document.getElementById('someImage');
try {
  const barcodeDetector = new BarcodeDetector();
  const barcodes = await barcodeDetector.detect(image);
  barcodes.forEach(barcode => console.log(barcodes.rawValue));
} catch (exception) {
  console.error('Boo! Barcode detection failed:', exception);
}
Web Authentication
Chrome 70 has two updates to the Web Authentication API related to the PublicKeyCredential type. The Credential Management API, enabled in Chrome 51, defined a framework for handling credentials that included semantics for creating, getting, and storing them. It did this through two credential types: PasswordCredential and FederatedCredential. The Web Authentication API adds a third credential type, PublicKeyCredential, which allows web applications to create and use strong, cryptographically attested, and application-scoped credentials to strongly authenticate users. The PublicKeyCredential type was enabled by default on desktop in Chrome 67. In Chrome 70 it is also enabled by default on Android. Also enabled by default are macOS's TouchID and Android's fingerprint sensor via Web Authentication. These allow developers to access biometric authenticators through the Credential Management API's PublicKeyCredential type.

Displaying a dialog causes pages to lose fullscreen
Dialog boxes, specifically authentication prompts, payments, and file pickers require context for users to make decisions. Fullscreen, by definition is immersive, and removes the context that a user needs to make a decision. Chrome now exits full screen whenever a page shows a dialog box.

Add referrerpolicy support to <script> elements
Many resource-fetching elements have support for the referrerpolicy attribute, which lets developers provide a keyword to influence the value of the Referer HTTP header that accompanies a request. The <link> element already has support for this, so it is technically possible to preload a script with a developer-set referrer policy. Starting in this version of Chrome, the <script> element supports the referrerpolicy as well.

The <rp> element defaults to display:none
The default style of the <rp> element is changed to display:none instead of display:inline even if it is not inside the <ruby> element as defined in the HTML specification. This behavior is implemented in the user agent stylesheet, but the web author can override it.

Intervention Reports
An intervention is when a user agent does not honor an application request for security, performance, or annoyance reasons. With this change, Chrome can be configured to send intervention and deprecation messages to your servers using the Report-To HTTP Response header field and surface them in the ReportingObserver interface. This is the first of several proposed uses for the Report-To header. Follow these links to learn more about the header and the interface.

Support codec and container switching with MSE using SourceBuffer.changeType()
This change adds the SourceBuffer.changeType() method to improve cross-codec or cross-bytestream transitions during playback with Media Source Extensions.

Support Opus in mp4 with Media Source Extensions
Opus is an audio codec already supported by the HTML5 src attribute on <url> elements. It is now supported by Media Source Extensions.

'name' attribute for dedicated workers
Dedicated workers now have a name attribute, which is specified by an optional argument on the worker's constructor. This lets you distinguish dedicated workers by name when you have multiple workers with the same URL. Developers can print name in the DevTools console which will make it easier to debug workers. When the name parameter is omitted, an empty string is used as the default value. For more information, see the discussion on GitHub.

ontouch* APIs default to disabled on desktop
To avoid confusion on touch feature detection, ontouch* members on window, document, and element are disabled by default on desktop (Mac, Windows, Linux, ChromeOS). Note that this is not disabling touches, and usage such as addEventListener("touchstart", ...) is not affected.

Options dictionary for postMessage methods
An optional PostMessageOptions object has been added as an argument to postMessage() for 6 of the 7 interfaces where it's supported, specifically, DedicatedWorkerGlobalScope, MessagePort, ServiceWorker, ServiceWorker.Client, Window, and Worker. This gives the function a similar interface on its definitions and allows it to be extended in the future. Because broadcastChannel.postMessage() doesn't take additional arguments (such as transfer) it is not being changed.

RTCPeerConnection.getConfiguration()
This getConfiguration() was implemented according to the WebRTC 1.0. Specifically it returns the last configuration applied via setConfiguration(), or if setConfiguration() hasn't been called, the configuration the RTCPeerConnection was constructed with.

Symbol.prototype.description
A description property is being added to Symbol.prototype to provide a more ergonomic way of accessing the description of a Symbol. Previously, the description could only be accessed indirectly through Symbol.protoype.toString().

TLS 1.3
TLS 1.3 is an overhaul of the TLS protocol with a simpler, less error-prone design that improves both efficiency and security. The new design reduces the number of round-trips required to establish a connection and removes legacy insecure options, making it easier to securely configure a server. It additionally encrypts more of the handshake and makes the resumption mode more resilient to key compromise.

Update behavior of CSS Grid Layout percentage row tracks and gutters
Percentage row tracks and gutters in grid containers now have indefinite heights. Previously, these were behaving similarly to percentage heights in regular blocks, but the CSS Working Group has resolved to make them behave the same as for columns, making them symmetric. Percentages are now ignored when computing intrinsic height and resolved afterwards against that height. That way both column and row axes will have symmetric behavior to resolve percentages tracks and gutters.

Web Bluetooth available on Windows 10
Web Bluetooth allows websites to communicate over GATT with nearby user-selected Bluetooth devices in a secure and privacy-preserving way. In Chrome 56, this shipped on Android, ChromeOS, and macOS. In Chrome 70 it is shipping on Windows 10. For earlier versions of Windows and Linux, it is still behind a flag (chrome://flags/#enable-experimental-web-platform-features).

WebUSB on Dedicated Workers
WebUSB is enabled inside dedicated workers. This allows developers to perform heavy I/O and processing of data from a USB device on a separate thread to reduce the performance impact on the main thread.

Deprecations and Interoperability Improvements
Chrome sometimes deprecates, removes, or changes features to increase interoperability with other browsers. This version of Chrome includes the following such changes.

Remove AppCache from insecure contexts.
AppCache is now removed from insecure contexts. AppCache is a powerful feature that allows offline and persistent access to an origin, which is a powerful privilege escalation for cross-site scripting. This removes that attack vector by only allowing it only over HTTPS. Developers looking for an alternative to AppCache are encouraged to use service workers. An experimental library is available to ease that transition.

Remove anonymous getter for HTMLFrameSetElement
The anonymous getter for HTMLFrameSetElement is non-standard and therefore removed.

Deprecate and remove Gamepads.item()
The legacy item() accessor is removed from the Gamepads array. This change improves compatibility with Firefox which is so far the only browser to implement GamepadList.

Deprecate Custom Elements v0
Custom Elements are a web components technology that lets you create new HTML tags, beef up existing tags, or extend components authored by other developers. Custom Elements v1 have been implemented in Chrome since version 54, which shipped in October 2016. Custom Elements v0 is now deprecated with removal expected in Chrome 73, around March 2019.

Deprecate HTML Imports
HTML Imports, which allow HTML to be imported from one document to another, are now deprecated. Removal is expected in Chrome 73, around March 2019. Sites depending on HTML imports already require a polyfill on non-Chromium browsers. When HTML imports is removed, sites that have the polyfill should continue to work on Chrome.

Deprecate Shadow DOM v0
Shadow DOM is a web components technology that uses scoped subtrees inside elements. Shadow DOM v1 has been implemented in Chrome since version 53, which shipped in August of 2016. Shadow DOM v0 is now deprecated with removal expected in Chrome 73, around March 2019. Sites depending on HTML imports already require a polyfill on non-Chromium browsers. When Shadow DOM v0 is removed, sites that have the polyfill should continue to work on Chrome.

Deprecate SpeechSynthesis.speak() without user activation
The speechSynthesis.speak() function now throws an error if the document has not received a user activation. This API is being abused by sites since it is one of the only remaining APIs which does not adhere to autoplay policies in Chrome.

Versienummer 70.0.3538.67
Releasestatus Final
Besturingssystemen Windows 7, Linux, macOS, Windows Vista, Windows Server 2008, Windows Server 2012, Windows 8, Windows 10, Windows Server 2016
Website Google
Download https://www.google.com/chrome/
Licentietype Freeware

Reacties (13)

Wijzig sortering
Na het installeren van Chrome 70 bestaat de kans dat je een certificaat error kijgt bij het bezoeken van een website.
Symantec, GeoTrust en Thawte certificaten uitgegeven onder de oude VeriSign root worden, afhankelijk van de uitgifitedatum, op termijn niet meer vertrouwd in Google Chrome. Er is dus geen impact voor certificaten van Comodo of GlobalSign. Certificaten van Symantec, GeoTrust en Thawte hebben een kosteloze heruitgifte of verlenging nodig om vertrouwd te blijven in de browsers:

Certificaten uitgegeven tussen 1 juni 2016 en 1 december 2017 worden vanaf Chrome versie 70 niet meer vertrouwd. Versie 70 wordt vanaf 20 juli uitgerold als canary versie, vanaf 13 september als bŤta en per 16 oktober als officiŽle release. Deze certificaten hebben dus tussen 1 december 2017 en 16 oktober 2018 een vernieuwing nodig.
Zie ook:
nieuws: 'Drieduizend Nederlandse sites gebruiken nog steeds Symantec-certific...
Ik werk voor een SSL supplier en ik heb een stuk of 20 domeinen getest die nog op Symantec root draaien, allemaal geen probleem. Ik had ook begrepen van Google dat ze pas op 23 oktober dit zouden doorvoeren. Dus mogelijk met een latere versie 70, 70.1 ofzo...
Of met een config switch, of een ingebakken datum
Je kunt nu (weer) inloggen op bijv. YouTube zonder tegelijk in te loggen in Chrome. Je kunt dit gedrag beheren via 'settings --> advanced --> Allow Chrome sign-in'. Zie nieuws: Google krijgt kritiek op automatisch inloggen Chrome-gebruikers .

(Mocht je in versie 69 de flag 'chrome://flags/#account-consistency' op disabled hebben gezet, dan staat ie in versie 70 weer automagisch op default :O )
mm ik kan de "Allow Chrome sign-in" setting niet veranderen iemand enig idee waarom? Staat verder geen melding bij waarom het niet kan (gewoon grayed out).
Heb je op de bovengenoemde flags pagina gekeken? Misschien dat ie daar op disabled staat of misschien dat je even moet uitloggen uit de browser en nog een keer de instelling bekijken.
In flags pagina stond het op default. Moest eerst uitloggen van de browser toen kon ik het instellen. Nu ik weer ingelogd ben staat het nog steeds goed maar kan het weer niet aanpassen.
Ik denk dat het alleen geldt van client naar browser, niet andersom.
Dus als je zelf inlogt op de browser, zul je ook automatisch worden aangemeld met dat account bij Google services die je bezoekt.
Mocht je achter een Firewall zitten die DPI doet dan kan het zijn dat je bijvoorbeeld https://www.cloudflare.com/ en https://gmail.com/ niet meer kan bereiken. Dit heeft er mee te maken dat deze gebruik maken van TLS1.3.

Zie https://productforums.goo.../jRFqwLUh6YA/-6wz2sSPBAAJ voor meer informatie hierover.
Google chrome gebruik ik al ( bijna ) jaren niet meer, ben wel gecharmeerd van onderstaande browser.
Doet alles wat voor mij belangrijk is en geen google die mee kijkt

https://www.srware.net/en/software_srware_iron.php
Nou, ooit al eens onderzoek gedaan naar deze browser?
Een stukje discussie uit de chromium chat:

<mgreenblatt> Iron.. why not propose a patch based on preprocessor defines that disables the sections you dislike without forking the code?
<Iron> because a fork will bring a lot of publicity to my person and my homepage
<Iron> that means: a lot of money too ;)
<Iron> i dont take money for my fork
<Iron> but i have adsense on my page ;)
<Iron> a lot of visitor -> a lot of clicka > a lot of money ;)
<Iron> we are here in germany
<Iron> the press will love my fork
<Iron> i talked to much journalists already
<DrPizza> Why are you forking?
<DrPizza> to do what?
<Iron> to remove all things in source talking to google ;)
<jamessan> to get fame and fortune
<Iron> nobody here trusts google
<Iron> the german people say: google is very evil
<jamessan> yet you use google's adsense
Money Grab dus. Kun je dus net zo goed Firefox of Edge gebruiken. Nu alle 3 dezelfde addons ondersteunen en pagina's hetzelfde renderen, maakt het toch geen bal meer uit.

Op dit item kan niet meer gereageerd worden.


Apple iPhone XS Red Dead Redemption 2 LG W7 Google Pixel 3 XL OnePlus 6T (6GB ram) FIFA 19 Samsung Galaxy S10 Google Pixel 3

Tweakers vormt samen met Tweakers Elect, Hardware.Info, Autotrack, Nationale Vacaturebank en Intermediair de Persgroep Online Services B.V.
Alle rechten voorbehouden © 1998 - 2018 Hosting door True