Google has unveiled the release of its Chrome 113 web browser. At the same time a stable release of the free project Chromium, which acts as the basis for Chrome, is available. Chrome browser differs from Chromium in the use of Google logos, the presence of a crash notification sending system, modules for playing copy-protected video content (DRM), automatic updates installation system, Sandbox-isolation, delivery of keys to Google API and passing of RLZ-parameters when searching. For those who need more time to update, the Extended Stable branch is separately supported, accompanied by 8 weeks. The next release of Chrome 114 is scheduled for May 30.
The main changes in Chrome 113 are:
- Support for the WebGPU graphics API and WGSL (WebGPU Shading Language) is enabled by default. WebGPU provides a programming interface similar to Vulkan, Metal and Direct3D 12 for GPU-side operations such as rendering and computation, and allows you to use the shader language to write GPU-side programs. WebGPU support is only included in ChromeOS, macOS and Windows builds for now, and will be activated later for Linux and Android.
- Work continued on performance optimization. As for branch 112, the speed of the Speedometer 2.1 test has increased by 5%.
- For users, the gradual inclusion of storage segmentation mode, Service Workers and communication APIs, which are separated by domains during the processing of the page, which isolates third-party handlers. The mode allows blocking methods of tracking user movement between sites, based on storing identifiers in shared repositories and areas not intended for permanent storage ("Supercookies"), such as those that work by estimating the presence of certain data in browser caches. Initially, when processing a page, all resources were stored in a common namespace (same-origin), independent of the source domain, which allowed one site to detect resource loading from another site through local storage manipulation, IndexedDB API or cache availability checks.
Segmentation attached a separate attribute to the key used to retrieve objects from the cache and browser stores, determining the binding to the primary domain from which the main page was opened, limiting the scope for move-tracking scripts such as those loaded via iframe from another site. To force activation of segmentation without waiting for it to be enabled in-house, you can use the "chrome://flags/#third-party-storage-partitioning" setting.
- A First-Party Sets (FPS) mechanism is proposed that allows you to define a relationship between different sites of the same organization or project for common cookie processing between them. The feature is useful when one site is accessible through different domains (for example, opennet.ru and opennet.me). Cookies for such domains are completely separate, but with FPS they can now be linked into a common repository. You can use "chrome://flags/enable-first-party-sets" flag to enable FPS.
- Substantial optimization was made to the AV1 video encoder (libaom), which improved the performance of web applications using WebRTC, such as video conferencing systems. A new speed 10 mode was added, suitable for devices with limited CPU resources. When testing the Google Meet application on a 40 kbps link, AV1 Speed 10 mode compared to VP9 speed 7 mode resulted in a 12% increase in quality and a 25% performance gain.
- When Safe Browsing > Enhanced protection is turned on to detect malicious activity in add-ons on the Google side, it collects telemetry about the operation of browser add-ons installed outside the Chrome Store catalog. We send such data as add-on file hashes and the contents of
manifest.json
. - Some users have additional form autocomplete options turned on, aimed to quickly fill in shipping address and payment details when making purchases from some online stores.
- The menu shown when you click the "three dots" icon has been restructured. Extensions" and "Chrome Web Store" have been moved to the first level of the menu.
- Added possibility to translate only selected part of a page into another language (translation is initiated from the context menu). The "chrome://flags/#desktop-partial-translate" setting is provided to control whether partial translations are enabled.
- On the page shown when opening a new tab, an option to resume interrupted work ("Journey") has been added, e.g. you can continue a search from an interrupted position.
- The Android version has a new service page "chrome://policy/logs" for the administrator to debug the centralized management policies set for users.
- The Android build now has the ability to show more personalized content in the recommended content section (Discover). In addition, we added the ability to customize the preferred types of recommendations displayed (e.g., you can hide content from some sources) for users who are not connected to their Google account.
- The Android version offers a new interface for selecting media files for uploading photos and videos (instead of its own implementation, the Android Media Picker interface is used).
- CSS has implemented a standard
image-set()
syntax that allows you to select the image from a set of options with different resolutions that best fit the current screen parameters and network bandwidth. The previously supported-webkit-image-set()
call, which offered a Chrome-specific syntax, has now been replaced by the standard image-set. - Added support for new
@media overflow-inline
andoverflow-block
requests in CSS to determine how content will be rendered outside of the original block boundaries. - Added media query update to CSS to allow you to define styles for printouts or for display on slow (e.g., ebook screens) and fast (conventional monitors) screens.
- The
linear()
function was added to CSS to apply linear interpolation between a given number of points, which can be used to create complex animations such as bounce and stretch effects. - The
Headers.getSetCookie()
method has implemented the ability to extract values from multipleSet-Cookie headers
passed in a single request without combining them. - Added largeBlob extension to the WebAuthn API to store large binary data related to credentials.
- Included Private State Token API for separating users without using cross-site IDs.
- Sites are not allowed to set the document.domain property to apply same-origin conditions to resources loaded from different subdomains. Use
postMessage()
or the Channel Messaging API if you want to set up a communication channel between subdomains. - Improvements have been made to the tools for web developers. In the network activity panel it is now possible to override or create new HTTP response headers returned by the web server (Network > Headers > Response Headers). In addition, you can edit all overrides in one place by editing the .headers file in* Sources > Overrides* and creating replacements by mask. Improved debugging of applications using Nuxt, Vite and Rollup web frameworks. Diagnostics of CSS issues in the Styles panel has been improved (errors in property names and assigned values are marked separately). In web console added ability to display autocomplete recommendations when pressing Enter (not only when pressing tab or right arrow). In addition to innovations and bug fixes, the new version fixes 15 vulnerabilities. Many of the vulnerabilities were identified through automated testing with AddressSanitizer, MemorySanitizer, Control Flow Integrity, LibFuzzer, and AFL tools. No critical issues were identified that allow all layers of browser protection to be bypassed and code to be executed on the system outside of the sandbox environment. As part of the vulnerability detection cash bounty program for the current release, Google paid out 10 awards worth $30,500 (one each of $7500. $5000 and $4000, two $3000 awards, three $2000 awards, and two $1000 awards).
No comments yet