Chromium Blog
News and developments from the open source browser project
ES6 & ES7 in the browser
Friday, April 29, 2016
JavaScript is a continually evolving programming language standardized over time by a committee of browser vendors, developers, and community members. In the past two years, this committee has introduced ES6, the largest update in the history of JavaScript, and ES7, the first of more frequent annual releases. Together the two versions add hundreds of new features to help developers write expressive, concise, and fast applications. After a long, collaborative journey of design, specification, and implementation work, the V8 JavaScript team has reached a major milestone in language support. Chrome Canary now runs both ES6 and ES7, which will ship to all users in Chrome 52.
ES6 and ES7 support in Chromium provides JavaScript developers with many sought-after features common in other programming languages, but previously missing from the web. These features include ways to simplify common programming patterns, make code easier to write, and customize low-level JavaScript behavior.
Classes
, for example, allow developers to easily write object-oriented programs and safely
extend
built-in JavaScript objects.
Arrow functions
,
default parameters
, and
array convenience methods
make common idioms simpler to program and reduce the need to copy and paste boilerplate code between projects. It can be difficult to reason about JavaScript’s asynchronous execution flow and nested callbacks, so ES6 introduces
promises
,
iterators, and generators
to simplify asynchronous code, make control flow more expressive, and make writing bug-free code easier. Powerful features like
proxies
and
well-known symbols
also give advanced developers the ability to customize language behavior to better match their application’s needs.
In order for websites to take full advantage of these new JavaScript features, multiple browsers must support the latest specifications. Fortunately, cross-browser support has rapidly improved in the past few months. The latest development versions of all modern browsers now support more than 90% of ES6, with polyfills and transpilation available to add support to older browsers as well. Adoption will continue to expand over the coming months, given that the ability to load JavaScript modules from HTML was recently standardized with the
<script type="module">
tag. Chromium has already started implementing this new tag, and module support will be
available soon
, making it even easier to write and ship websites with ES6 and ES7 code.
For more details on the JavaScript standards process, features still under discussion such as proper tail calls, and a deeper dive into the technical side of spec conformance, visit the
V8 blog
. Check back soon to hear more about upcoming JavaScript features and continued performance optimizations.
Posted by Seth Thompson, Product Manager and ECMAScript ESsayist
Chrome 51 Beta: Credential Management API and reducing the overhead of offscreen rendering
Friday, April 29, 2016
Unless otherwise noted, changes described below apply to the newest Chrome
Beta
channel release for Android, Chrome OS, Linux, Mac, and Windows.
Credential Management API
Many sites allow their users to sign in to receive personalized content. Today that requires remembering and typing credentials, which lowers account security when users reuse passwords across multiple sites. Modern browsers have credential managers that remember and autofill saved passwords, but these managers cannot account for custom login flows or remember
federated identity
preferences.
The latest version of Chrome now supports the
Credential Management API
, allowing sites to
interact with the browser’s credential manager
to improve the login experience for users. The API enables users to sign in with one tap and lets them automatically sign back in when returning to the site.
Signing in with one tap using the Credential Management API
Reducing the overhead of offscreen rendering
Modern websites commonly embed cross-origin content like videos, social widgets, and ads. Embedding these resources allows sites to offer compelling content experiences, but it also creates a lot of overhead that can jank the page in ways the embedding site can’t control. The latest version of Chrome
no longer runs the rendering pipeline
or
requestAnimationFrame()
callbacks for cross-origin frames that are offscreen. This eliminates unnecessary work and
reduces power consumption by up to 30%
on several popular mobile sites without affecting the user experience.
Additional features in this release
The
Intersection Observer API
allows sites to
detect element intersections
as an asynchronous event, eliminating the need for costly document monitoring.
The latest version of Chrome supports
passive event listeners
, which allow sites to run JavaScript in response to touch and wheel input without blocking scrolling.
Blobs are now
constructed and transferred to the browser asynchronously
, allowing large data files to be moved without janking the page.
The
SameSite
cookie attribute
allows sites to restrict cookies to requests from the same domain.
Support for the
AES_256_GCM
cipher on TLS
improves security on servers that choose cipher by key size, where legacy 256-bit ciphers were used over more secure, but smaller, ciphers.
Array.prototype.values()
makes it easier to iterate over the elements of an array.
The
function
name
property
now infers useful names for properties and methods with computed property names,
making debugging easier with clearer labels and error messages
.
Iterators that are part of a
for-of
loop that terminates early now call a developer-provided
close()
method, making it easier to respond to the end of an iteration.
Symbol.species
makes subclassing
built-in classes such as Array and RegExp
more powerful by allowing custom constructors to be called for derived objects.
RegExp
subclasses can overwrite the
exec()
method to change the matching algorithm, making it easier to write custom subclasses.
Sites can now can implement their own
Symbol.hasInstance()
method to customize behavior of the
instanceof
operator.
Sites can now retrieve a service worker’s
Client
object using
Clients.get(id)
.
ServiceWorker.postMessage()
now fires an
ExtendableMessageEvent
on
ServiceWorkerGlobalScope
, allowing the message to extend the service worker lifetime and provide more accurate message sources.
The HTML
referrerpolicy
attribute
allows sites to control what information is sent in the referrer headers of
<a>
,
<area>
,
<img>
, and
<iframe>
elements.
The
UIEvents KeyboardEvent |key|
attribute
allows sites to reliably
determine the meaning of the key being pressed
.
Sites can now detect the duration of batched offline audio contexts using the
OfflineAudioContext.length
attribute
.
SPDY and ALPN support has been removed in favor of the standards-based HTTP/2 protocol.
Other changes
The ability to customize the message shown in the
onbeforeunload
dialog
has been removed
to protect users from malicious websites and align with other browsers.
Chrome on Android now uses the same media pipeline as desktop Chrome, improving
WebAudio
support and allowing sites to interact with the playback rate on
<audio>
and
<video> tags
.
The latest version of Chrome improves web animations interoperability by supporting lists of values and removing dashed-names in keyframes.
Chrome now
requires a border style
to paint border images, improving
spec
compliance and interoperability.
Percentages can now be used
for the sizes of flex item children.
DHE-based ciphers have been deprecated and will be removed in Chrome 52
in favor of ECDHE
ciphers to improve TLS security.
Posted by Sabine Borsay and Mike West, Authenticator's Apprentices
Ensuring transparency and choice in the Chrome Web Store
Friday, April 15, 2016
Updated 7/12/2016: High submission volume has led to review latency that is longer than normal, so we've extended the grace period. The new policy will be enforced beginning
September 6th, 2016
.
Today we’re updating the User Data Policy for the Chrome Web Store. Principles of transparency and choice over how users’ personal data is handled have long been key parts of Google’s philosophy. Since early on, Chrome has included
privacy-protecting features
to give users control over their browsing experience, including incognito mode and granular privacy preferences. Now, we’re consolidating and expanding our policies about user data to ensure our Chrome Web Store developers follow similar principles.
Chrome provides robust APIs that empower developers to create compelling extensions and apps, and users often need to provide access to their data to allow these services to run. The new
User Data Policy
extends existing policies to ensure transparent use of the data in a way that is consistent with the wishes and expectations of users.
Some of the new requirements for developers are:
Be transparent about the handling of user data and disclose privacy practices
Post a privacy policy and use encryption, when handling personal or sensitive information, and
Ask users to consent to the collection of personal or sensitive data via a prominent disclosure, when the use of the data isn’t related to a prominent feature.
The policy also has other requirements, including prohibiting the collection of web browsing activity when it’s not required for an item’s main functionality. The full text of the policy is available in our
Developer Program Policies
and more information is available in the
FAQ
section.
We'll notify developers when we discover items that violate the User Data Policy, and they'll have until July 14, 2016 to make any changes needed for compliance.
Starting July 15th, 2016, items that violate the policy will be removed from the Web Store and will need to become compliant to be reinstated.
Protecting our users is our key priority, and we believe this change will make sure users are better informed and allow them to choose how their user data is handled.
Posted by Teresita Perez and Athas Nikolakakos, Chrome Policy Team
Labels
$200K
1
10th birthday
4
abusive ads
1
abusive notifications
2
accessibility
3
ad blockers
1
ad blocking
2
advanced capabilities
1
android
2
anti abuse
1
anti-deception
1
background periodic sync
1
badging
1
benchmarks
1
beta
83
better ads standards
1
billing
1
birthday
4
blink
2
browser
2
browser interoperability
1
bundles
1
capabilities
6
capable web
1
cds
1
cds18
2
cds2018
1
chrome
35
chrome 81
1
chrome 83
2
chrome 84
2
chrome ads
1
chrome apps
5
Chrome dev
1
chrome dev summit
1
chrome dev summit 2018
1
chrome dev summit 2019
1
chrome developer
1
Chrome Developer Center
1
chrome developer summit
1
chrome devtools
1
Chrome extension
1
chrome extensions
3
Chrome Frame
1
Chrome lite
1
Chrome on Android
2
chrome on ios
1
Chrome on Mac
1
Chrome OS
1
chrome privacy
4
chrome releases
1
chrome security
10
chrome web store
32
chromedevtools
1
chromeframe
3
chromeos
4
chromeos.dev
1
chromium
9
cloud print
1
coalition
1
coalition for better ads
1
contact picker
1
content indexing
1
cookies
1
core web vitals
2
csrf
1
css
1
cumulative layout shift
1
custom tabs
1
dart
8
dashboard
1
Data Saver
3
Data saver desktop extension
1
day 2
1
deceptive installation
1
declarative net request api
1
design
2
developer dashboard
1
Developer Program Policy
2
developer website
1
devtools
13
digital event
1
discoverability
1
DNS-over-HTTPS
4
DoH
4
emoji
1
emscriptem
1
enterprise
1
extensions
27
Fast badging
1
faster web
1
features
1
feedback
2
field data
1
first input delay
1
Follow
1
fonts
1
form controls
1
frameworks
1
fugu
2
fund
1
funding
1
gdd
1
google earth
1
google event
1
google io 2019
1
google web developer
1
googlechrome
12
harmful ads
1
html5
11
HTTP/3
1
HTTPS
4
iframes
1
images
1
incognito
1
insecure forms
1
intent to explain
1
ios
1
ios Chrome
1
issue tracker
3
jank
1
javascript
5
lab data
1
labelling
1
largest contentful paint
1
launch
1
lazy-loading
1
lighthouse
2
linux
2
Lite Mode
2
Lite pages
1
loading interventions
1
loading optimizations
1
lock icon
1
long-tail
1
mac
1
manifest v3
2
metrics
2
microsoft edge
1
mixed forms
1
mobile
2
na
1
native client
8
native file system
1
New Features
5
notifications
1
octane
1
open web
4
origin trials
2
pagespeed insights
1
pagespeedinsights
1
passwords
1
payment handler
1
payment request
1
payments
2
performance
20
performance tools
1
permission UI
1
permissions
1
play store
1
portals
3
prefetching
1
privacy
2
privacy sandbox
4
private prefetch proxy
1
profile guided optimization
1
progressive web apps
2
Project Strobe
1
protection
1
pwa
1
QUIC
1
quieter permissions
1
releases
3
removals
1
rlz
1
root program
1
safe browsing
2
Secure DNS
2
security
36
site isolation
1
slow loading
1
sms receiver
1
spam policy
1
spdy
2
spectre
1
speed
4
ssl
2
store listing
1
strobe
2
subscription pages
1
suspicious site reporter extension
1
TCP
1
the fast and the curious
23
TLS
1
tools
1
tracing
1
transparency
1
trusted web activities
1
twa
2
user agent string
1
user data policy
1
v8
6
video
2
wasm
1
web
1
web apps
1
web assembly
2
web developers
1
web intents
1
web packaging
1
web payments
1
web platform
1
web request api
1
web vitals
1
web.dev
1
web.dev live
1
webapi
1
webassembly
1
webaudio
3
webgl
7
webkit
5
WebM
1
webmaster
1
webp
5
webrtc
6
websockets
5
webtiming
1
writable-files
1
yerba beuna center for the arts
1
Archive
2024
Aug
Jun
May
Apr
Mar
Feb
2023
Nov
Oct
Sep
Aug
Jun
May
Apr
Feb
2022
Dec
Sep
Aug
Jun
May
Apr
Mar
Feb
Jan
2021
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2020
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2019
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2018
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2017
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2016
Dec
Nov
Oct
Sep
Aug
Jun
May
Apr
Mar
Feb
Jan
2015
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2014
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2013
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2012
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2011
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2010
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2009
Dec
Nov
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2008
Dec
Nov
Oct
Sep
Feed
Follow @ChromiumDev
Give us feedback in our
Product Forums
.
