Protecting users from insecure downloads in Google Chrome
February 6th, 2020
Today we’re announcing that Chrome will gradually ensure that secure (HTTPS) pages only download secure files. In a series of steps outlined below, we’ll start blocking “mixed content downloads” (non-HTTPS downloads started on secure pages). This move follows a plan we announced last year to start blocking all insecure subresources on secure pages. Insecurely-downloaded files…
Browser Version Release Spectrum
February 5th, 2020
Whenever a browser upgrades versions, it’s a little marketing event, and rightly so. Looks like for Firefox it’s about once a month, Chrome is ~6 weeks, and Safari is once a year. Chrome 80 just dropped, as they say, and we get a video and blog post. What strikes me about releases like this these…
Videos with fewer intrusive ads
February 5th, 2020
Chrome has always focused on creating the best possible experience for people browsing the web. We have a long history of protecting our users from annoying and harmful experiences—like blocking pop-up windows and warning users if a page has malware. For the last few years, we’ve worked to address a common complaint among Chrome users:…
SameSite Cookie Changes in February 2020: What You Need to Know
February 3rd, 2020
With the stable release of Chrome 80 this month, Chrome will begin enforcing a new secure-by-default cookie classification system, treating cookies that have no declared SameSite value as SameSite=Lax cookies. Only cookies set as SameSite=None; Secure will be available in third-party contexts, provided they are being accessed from secure connections. Chrome first announced this change…
Rethinking Payment Request for iOS Chrome
January 29th, 2020
The Payment Request API is a web standard to make it easier for web developers to build low-friction and secure payment flows. The browser facilitates the flow between a merchant website and “payment handlers”. A payment handler can be built-in to the browser, a native app installed on the user’s mobile device, or a Progressive…
Edgium
January 21st, 2020
January 15th, 2020 was the day Microsoft Edge went Chromium. A drop in browser engine diversity. There is a strong argument to be made that’s not good for an ecosystem. Looked at another way, perhaps not so bad: Perhaps diversity has just moved scope. Rather than the browser engines themselves representing diversity, maybe forks of the engnies…
AppCache Scope Restricted
January 21st, 2020
The Application Cache (AppCache) specification has been deprecated since December 2016 and in Chrome starting in version 79. In Chrome 70, AppCache was removed from insecure contexts. We plan to remove AppCache in Chrome 82. Prior to AppCache’s removal in Chrome 82, we’re announcing a security fix that introduces the concept of a manifest scope….
Manage audio and video in Chrome with one click
January 16th, 2020
We’ve all been there: You have lots of tabs open and one of them starts playing a video, but you can’t figure out which one. Or you’re listening to music in your browser in the background and want to change the song without stopping your work to find the right tab. With Chrome’s latest update,…
Moving Forward from Chrome Apps
January 15th, 2020
The web platform has made substantial progress since the launch of Chrome Apps in 2013. As community members, we continue to work with other browsers and invest to bring rich new capabilities to the platform, as seen in the announcements made at the Chrome Developer Summit last November. The progress of modern browsers puts the…
Building a more private web: A path towards making third party cookies obsolete
January 14th, 2020
In August, we announced a new initiative (known as Privacy Sandbox) to develop a set of open standards to fundamentally enhance privacy on the web. Our goal for this open-source initiative is to make the web more private and secure for users, while also supporting publishers. Today, we’d like to give you an update on…