Menu

Browser News

Weekly Platform News: WebAPK Limited to Chrome, Discernible Focus Rectangles, Modal Window API

October 24th, 2019

In this week’s roundup: “Add to home screen” has different meanings in Android, Chrome and Edge add some pop to focus rectangles on form inputs, and how third-party sites may be coming to a modal near you. Let’s get into the news. WebAPKs are not available to Firefox on Android On Android, both Chrome and…

Automatically lazy-loading offscreen images & iframes for Lite mode users

October 24th, 2019

In Chrome 76, we introduced native lazy-loading for images and iframes via the `loading` attribute – a developer opt-in. In Chrome 77, Chrome Android users with  Lite Mode (Data Saver) enabled will benefit from native lazy-loading of images and iframes automatically. Lite mode has allowed Chrome to reduce users’ data usage by up to 60…

Developers: Get Ready for New SameSite=None; Secure Cookie Settings

October 23rd, 2019

In May, Chrome announced a secure-by-default model for cookies, enabled by a new cookie classification system (spec). This initiative is part of our ongoing effort to improve privacy and security across the web. Chrome plans to implement the new model with Chrome 80 on February 2020. Mozilla and Microsoft have also indicated an intent to…

Recent Site Isolation improvements

October 17th, 2019

In July 2018 we launched Site Isolation in Chrome as a way to secure desktop browsers against the risk of side-channel attacks like Spectre. We recently published a USENIX Security conference paper highlighting the benefits of this launch. Today, we are pleased to announce further improvements we’ve rolled out in Chrome 77: Chrome for Android…

DM Verity Algorithm Change

October 16th, 2019

One of the foundational security features of Chromebooks is Verified Boot, which protects our users from potentially malicious software being run on their devices. The last chain of verification in this process is to validate the integrity of the root file system (rootfs). This blog post describes a recent enhancement to this rootfs validation to…

Weekly Platform News: Tracking via Web Storage, First Input Delay, Navigating by Headings

October 3rd, 2019

In this week’s roundup, Safari takes on cross-site tracking, the delay between load and user interaction is greater on mobile, and a new survey says headings are a popular way for screen readers to navigate a webpage. Let’s get into the news. Safari’s tracking prevention limits web storage Some social networks and other websites that…

No More Mixed Messages About HTTPS

October 3rd, 2019

Today we’re announcing that Chrome will gradually start ensuring that https:// pages can only load secure https:// subresources. In a series of steps outlined below, we’ll start blocking mixed content (insecure http:// subresources on https:// pages) by default. This change will improve user privacy and security on the web, and present a clearer browser security…

Chrome UI for Deprecating Legacy TLS Versions

October 1st, 2019

Last October we announced our plans to remove support for TLS 1.0 and 1.1 in Chrome 81. In this post, we’re announcing a pre-removal phase in which we’ll introduce a gentler warning UI, and previewing the UI that we’ll use to block TLS 1.0 and 1.1 in Chrome 81. Site administrators should immediately enable TLS…

Preloading Pages Just Before They are Needed

September 27th, 2019

The typical journey for a person browsing a website: view a page, click a link, browser loads a new page. That’s assuming no funny business like a Single Page App, which still follows that journey, but the browser doesn’t load a new page — the client fakes it for the sake of a snappier transition….

What happens when you open a new install of browsers for the 1st time?

September 27th, 2019

Interesting research from Jonathan Sampson, where he watches the network requests a browser makes the very first time you launch it on a fresh install, and otherwise do nothing. This gives you a little insight into what kind of information that browser wants to collect and disseminate. This was all shared as tweets, but I’m…