Chromium Blog
News and developments from the open source browser project
Chrome 51 Beta: Credential Management API and reducing the overhead of offscreen rendering
Friday, April 29, 2016
Unless otherwise noted, changes described below apply to the newest Chrome
Beta
channel release for Android, Chrome OS, Linux, Mac, and Windows.
Credential Management API
Many sites allow their users to sign in to receive personalized content. Today that requires remembering and typing credentials, which lowers account security when users reuse passwords across multiple sites. Modern browsers have credential managers that remember and autofill saved passwords, but these managers cannot account for custom login flows or remember
federated identity
preferences.
The latest version of Chrome now supports the
Credential Management API
, allowing sites to
interact with the browser’s credential manager
to improve the login experience for users. The API enables users to sign in with one tap and lets them automatically sign back in when returning to the site.
Signing in with one tap using the Credential Management API
Reducing the overhead of offscreen rendering
Modern websites commonly embed cross-origin content like videos, social widgets, and ads. Embedding these resources allows sites to offer compelling content experiences, but it also creates a lot of overhead that can jank the page in ways the embedding site can’t control. The latest version of Chrome
no longer runs the rendering pipeline
or
requestAnimationFrame()
callbacks for cross-origin frames that are offscreen. This eliminates unnecessary work and
reduces power consumption by up to 30%
on several popular mobile sites without affecting the user experience.
Additional features in this release
The
Intersection Observer API
allows sites to
detect element intersections
as an asynchronous event, eliminating the need for costly document monitoring.
The latest version of Chrome supports
passive event listeners
, which allow sites to run JavaScript in response to touch and wheel input without blocking scrolling.
Blobs are now
constructed and transferred to the browser asynchronously
, allowing large data files to be moved without janking the page.
The
SameSite
cookie attribute
allows sites to restrict cookies to requests from the same domain.
Support for the
AES_256_GCM
cipher on TLS
improves security on servers that choose cipher by key size, where legacy 256-bit ciphers were used over more secure, but smaller, ciphers.
Array.prototype.values()
makes it easier to iterate over the elements of an array.
The
function
name
property
now infers useful names for properties and methods with computed property names,
making debugging easier with clearer labels and error messages
.
Iterators that are part of a
for-of
loop that terminates early now call a developer-provided
close()
method, making it easier to respond to the end of an iteration.
Symbol.species
makes subclassing
built-in classes such as Array and RegExp
more powerful by allowing custom constructors to be called for derived objects.
RegExp
subclasses can overwrite the
exec()
method to change the matching algorithm, making it easier to write custom subclasses.
Sites can now can implement their own
Symbol.hasInstance()
method to customize behavior of the
instanceof
operator.
Sites can now retrieve a service worker’s
Client
object using
Clients.get(id)
.
ServiceWorker.postMessage()
now fires an
ExtendableMessageEvent
on
ServiceWorkerGlobalScope
, allowing the message to extend the service worker lifetime and provide more accurate message sources.
The HTML
referrerpolicy
attribute
allows sites to control what information is sent in the referrer headers of
<a>
,
<area>
,
<img>
, and
<iframe>
elements.
The
UIEvents KeyboardEvent |key|
attribute
allows sites to reliably
determine the meaning of the key being pressed
.
Sites can now detect the duration of batched offline audio contexts using the
OfflineAudioContext.length
attribute
.
SPDY and ALPN support has been removed in favor of the standards-based HTTP/2 protocol.
Other changes
The ability to customize the message shown in the
onbeforeunload
dialog
has been removed
to protect users from malicious websites and align with other browsers.
Chrome on Android now uses the same media pipeline as desktop Chrome, improving
WebAudio
support and allowing sites to interact with the playback rate on
<audio>
and
<video> tags
.
The latest version of Chrome improves web animations interoperability by supporting lists of values and removing dashed-names in keyframes.
Chrome now
requires a border style
to paint border images, improving
spec
compliance and interoperability.
Percentages can now be used
for the sizes of flex item children.
DHE-based ciphers have been deprecated and will be removed in Chrome 52
in favor of ECDHE
ciphers to improve TLS security.
Posted by Sabine Borsay and Mike West, Authenticator's Apprentices
Labels
$200K
1
10th birthday
4
abusive ads
1
abusive notifications
2
accessibility
3
ad blockers
1
ad blocking
2
advanced capabilities
1
android
2
anti abuse
1
anti-deception
1
background periodic sync
1
badging
1
benchmarks
1
beta
83
better ads standards
1
billing
1
birthday
4
blink
2
browser
2
browser interoperability
1
bundles
1
capabilities
6
capable web
1
cds
1
cds18
2
cds2018
1
chrome
35
chrome 81
1
chrome 83
2
chrome 84
2
chrome ads
1
chrome apps
5
Chrome dev
1
chrome dev summit
1
chrome dev summit 2018
1
chrome dev summit 2019
1
chrome developer
1
Chrome Developer Center
1
chrome developer summit
1
chrome devtools
1
Chrome extension
1
chrome extensions
3
Chrome Frame
1
Chrome lite
1
Chrome on Android
2
chrome on ios
1
Chrome on Mac
1
Chrome OS
1
chrome privacy
4
chrome releases
1
chrome security
8
chrome web store
32
chromedevtools
1
chromeframe
3
chromeos
4
chromeos.dev
1
chromium
7
cloud print
1
coalition
1
coalition for better ads
1
contact picker
1
content indexing
1
cookies
1
core web vitals
2
csrf
1
css
1
cumulative layout shift
1
custom tabs
1
dart
8
dashboard
1
Data Saver
3
Data saver desktop extension
1
day 2
1
deceptive installation
1
declarative net request api
1
design
2
developer dashboard
1
Developer Program Policy
2
developer website
1
devtools
13
digital event
1
discoverability
1
DNS-over-HTTPS
4
DoH
4
emoji
1
emscriptem
1
enterprise
1
extensions
27
Fast badging
1
faster web
1
features
1
feedback
2
field data
1
first input delay
1
Follow
1
fonts
1
form controls
1
frameworks
1
fugu
2
fund
1
funding
1
gdd
1
google earth
1
google event
1
google io 2019
1
google web developer
1
googlechrome
12
harmful ads
1
html5
11
HTTP/3
1
HTTPS
4
iframes
1
images
1
incognito
1
insecure forms
1
intent to explain
1
ios
1
ios Chrome
1
issue tracker
1
jank
1
javascript
5
lab data
1
labelling
1
largest contentful paint
1
launch
1
lazy-loading
1
lighthouse
2
linux
2
Lite Mode
2
Lite pages
1
loading interventions
1
loading optimizations
1
lock icon
1
long-tail
1
mac
1
manifest v3
2
metrics
2
microsoft edge
1
mixed forms
1
mobile
2
na
1
native client
8
native file system
1
New Features
5
notifications
1
octane
1
open web
4
origin trials
2
pagespeed insights
1
pagespeedinsights
1
passwords
1
payment handler
1
payment request
1
payments
2
performance
20
performance tools
1
permission UI
1
permissions
1
play store
1
portals
3
prefetching
1
privacy
2
privacy sandbox
4
private prefetch proxy
1
profile guided optimization
1
progressive web apps
2
Project Strobe
1
protection
1
pwa
1
QUIC
1
quieter permissions
1
releases
3
removals
1
rlz
1
root program
1
safe browsing
2
Secure DNS
2
security
36
site isolation
1
slow loading
1
sms receiver
1
spam policy
1
spdy
2
spectre
1
speed
4
ssl
2
store listing
1
strobe
2
subscription pages
1
suspicious site reporter extension
1
TCP
1
the fast and the curious
20
TLS
1
tools
1
tracing
1
transparency
1
trusted web activities
1
twa
2
user agent string
1
user data policy
1
v8
6
video
2
wasm
1
web
1
web apps
1
web assembly
2
web developers
1
web intents
1
web packaging
1
web payments
1
web platform
1
web request api
1
web vitals
1
web.dev
1
web.dev live
1
webapi
1
webassembly
1
webaudio
3
webgl
7
webkit
5
WebM
1
webmaster
1
webp
5
webrtc
6
websockets
5
webtiming
1
writable-files
1
yerba beuna center for the arts
1
Archive
2023
Nov
Oct
Sep
Aug
Jun
May
Apr
Feb
2022
Dec
Sep
Aug
Jun
May
Apr
Mar
Feb
Jan
2021
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2020
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2019
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2018
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2017
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2016
Dec
Nov
Oct
Sep
Aug
Jun
May
Apr
Mar
Feb
Jan
2015
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2014
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2013
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2012
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2011
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2010
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2009
Dec
Nov
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2008
Dec
Nov
Oct
Sep
Feed
Follow @ChromiumDev
Give us feedback in our
Product Forums
.
