Chromium Blog
News and developments from the open source browser project
Introducing the WebVR API in Chrome for Android
martedì 13 dicembre 2016
Virtual Reality (VR) is rapidly growing in popularity, and now it's coming to the web. The power of the web is that it can allow VR to work across browsers and hardware, accessible via a single click. This enables VR developers to broadly reach users across multiple types of headsets with a single web app. Here’s how to get started.
Chrome 56 for Android is now available in beta, and web developers can sign up for an
Origin Trial
which enables the
WebVR API
and
GamePad API extensions
. The WebVR API provides access to the input and output capabilities of virtual reality devices such as Daydream View. It also provides access to the user’s position and orientation, so that web apps can render a stereoscopic 3D scene to the headset's display. The Gamepad API extensions provide access to input from motion controllers, such as the Daydream controller, and enables natural interactions in VR.
Origin Trials allow a developer to temporarily enable the feature for all Chrome users visiting their website. The WebVR API is still evolving and will undergo further changes based on developer feedback before being enabled by default for all pages. WebVR will be extended to desktop platforms and Google Cardboard in a future Chrome release, and several performance improvements are coming in Chrome 57.
To learn how to get started and build your first WebVR web app, visit the
WebVR developer site
for tutorials and samples. Join the conversation by
giving feedback on the API
or
the Chrome implementation
and joining the
WebVR Slack channel
.
Posted by Brandon Jones, Virtual Reality Plumber
Roll-out plan for HTML5 by Default
venerdì 9 dicembre 2016
Four months ago we
announced
that we’d be moving to HTML5 By Default to offer a safer, more power-efficient experience. As a
reminder
, this change disables Adobe Flash Player unless there’s a user indication that they want Flash content on specific sites, and eventually all websites will require the user’s permission to run Flash. To ensure a smooth transition, not all users and sites will be affected immediately. HTML5 by Default and the associated user prompts will be introduced gradually as follows.
The feature will be rolled out to users over a few months. HTML5 By Default will be enabled for 1% of users of Chrome 55 Stable in the next few days. The feature is also enabled for 50% of Chrome 56 beta users. With Chrome 56 stable in February, we plan to enable it for all users.
Starting in January users will be prompted to run Flash on a site-by-site basis for sites that they have never visited before. We want to avoid over-prompting users, so over time we’ll tighten this restriction using
Site Engagement Index
, a heuristic for how much a user interacts with a site based on their browsing activity. In October all sites will require user permission to run Flash.
More details, including specific Site Engagement Index thresholds, are available on the
Flash Roadmap Page
. Developers can find
recommendations
on how to test their Flash sites there as well. As sites transition from Flash to HTML5, this change will no longer affect them and the entire web will become faster, more secure and power-efficient.
Posted by Eric Deily, wrangler of the Default
Chrome 56 Beta: “Not Secure” warning, Web Bluetooth, and CSS position: sticky
giovedì 8 dicembre 2016
Unless otherwise noted, changes described below apply to the newest Chrome
Beta
channel release for Android, Chrome OS, Linux, Mac, and Windows.
“Not Secure” warning for HTTP password and credit card pages
To help users browse safely, Chrome indicates connection security with an icon in the address bar. Historically, Chrome has not explicitly labelled HTTP connections as non-secure. Starting in version 56, Chrome will
mark
HTTP pages
that collect passwords or credit cards as non-secure, as part of a long-term plan to mark all HTTP sites as non-secure. The feature will roll out gradually over the next few weeks.
To avoid being labeled insecure, sites should
secure their traffic with HTTPS
and follow
general security guidelines
.
Chrome ‘Not Secure’ warning appearing in the URL bar for a site with an HTTP connection
Web Bluetooth
Sites can now interact with Bluetooth Low Energy (BLE) devices using the
Web Bluetooth API
o
n
A
n
d
r
o
i
d
,
C
h
r
o
m
e
O
S
,
a
n
d
Mac.
The Web Bluetooth API uses the
GATT protocol
, which enables web developers to
connect to bluetooth devices
such as
printers and LED displays
with just a few lines of JavaScript. Web Bluetooth can also be combined with
Physical Web
beacons to discover and control nearby devices. To get started, check out these
samples
and
demos
on GitHub.
An Android device connecting to a BLE-enabled heart rate monitor via the web (
source
)
CSS position: sticky
Chrome now supports CSS
position: sticky
, a new way to position elements. A
position: sticky
element is relatively-positioned, but becomes
position: fixed
after the user reaches a certain scroll position.
Previously, building content headers that scrolled normally until sticking to the top of the viewport required listening to scroll events and switching an element’s position from
relative
to
fixed
at a specified threshold. This solution was difficult to synchronize, resulting in small visual jumps. Now, users can achieve the desired effect by simply positioning their elements as
sticky
.
Other features in this release
The new
Remote Playback API
on Android
enables sites to initiate and control playback of an
HTMLMediaElement
on smart TVs and speakers
.
The
WebVR API
is available on Android as an
origin trial
, allowing developers to create virtual reality experiences on the web.
The
WebGL 2.0 API
is enabled by default on desktop platforms, providing
OpenGL ES 3.0
level rendering capabilities via the
<canvas>
element.
Support for Adobe Flash will no longer be advertised in
navigator.plugins
and
navigator.mimetypes
if the user has not
substantially interacted
with a site, though users can re-enable Flash experiences on a per-site basis.
Sites can now experiment with
taking photos and configuring camera settings like zoom
using the
Image Capture
origin trial
.
When content changes above the viewport, Chrome now automatically adjusts the
scroll position
to keep content in the viewport fixed unless the CSS
overflow-anchor
property is set.
The
Notifications API
now allows sites to
include an image in notifications
by setting the
image
property.
The
PaymentRequest API
has a variety of
new features
including
requestPayerName
and JSON serialization.
Showing and hiding the URL bar on mobile no longer
resizes
the initial containing block or elements sized with viewport units such as
vh
.
Text input elements such as
<input type="text">
now have spell-checking enabled by default on Android devices with at least 512 MB of memory and a system dictionary.
The generic font family used to fit content within the UI has been standardized and renamed as
system-ui
on all platforms.
The new
Referrer-Policy HTTP
header allows sites to forward site traffic by URL without leaking the user’s session identifier or other private information.
KeyboardEvent.isComposing()
allows sites to
determine
if the user is typing based on recent
KeyboardEvents
, without monitoring keyboard events directly.
Chrome for Android now sets the default
preload
attribute for videos to
metadata
on cellular connections, showing a preview image and time information to match other mobile browsers.
Chrome now supports
TLS 1.3
and includes 1-RTT based on
draft-18
.
Sites can use
ImageBitmapRenderingContext
to reduce memory consumption and compositing overhead by rendering pixel data in the form of an
ImageBitmap
.
Sites can respond to pinch gestures using the
pinch-zoom
CSS
touch-action
property.
ConstantSourceNode
is a new audio source node that produces a constant output mixed with an
AudioParam
.
Two Web Audio
ChannelSplitterNode
Interface
attributes are now read-only:
channelCount
, which is defined by
numberOfOutputs
in
createChannelSplitter()
, and
channelCountMode
, which is set to explicit.
PannerNode.rolloffFactor
now clamps to the nominal range of a
PannerNode’s
distance model to describe the volume reduction rate as the source moves away from the listener.
window.prompt()
will no longer focus its parent tab if the page is not currently in the foreground, and the dialog will be automatically dismissed.
To match behavior on Windows, Chrome Extensions can now override default search, startup, and homepage settings on Mac with the Chrome
Settings Overrides API
.
Support for
FLAC
is enabled within the FLAC and
Ogg
containers for the
<audio>
tag and
decodeAudioData()
.
OPUS
can now be used with
decodeAudioData()
, expanding the variety of audio codecs supported by the
WebAudio API
.
Deprecations and interoperability improvements
The WebAudio API no longer includes the deprecated Doppler API, including
speedOfSound
,
dopplerFactor
, and
setVelocity
.
To improve standards conformance,
RTCPeerConnection
now accepts
iceTransportPolicy
as an
RTCConfiguration
parameter as well as
iceTransports
.
RTCPeerConnection
is now available without a webkit prefix, though
webkitRTCPeerConnection
still remains.
Non-whitespace unicode control characters will now be rendered according to the
specification
, rather than being ignored.
The
reflected-xss
directive has been removed from
Content Security Policy 2
since it was solely a wrapper for the
X-XSS-Protection
header and provided no additional functionality.
Support for the
MediaStreamTrack.getSources()
method has been removed in favor of
MediaDevices.enumerateDevices()
.
The CSP
referrer
directive is no longer supported in favor of the new
Referrer-Policy
header.
ShadowDOM’s
slotchange
events bubble, but no longer re-fires, at a
slot
's
assignedSlot
.
Legacy CBC-mode
ECDSA
cipher suites
ECDHE_ECDSA_WITH_AES_128_CBC_SHA
and
ECDHE_ECDSA_WITH_AES_256_CBC_SHA
have been removed in favor of modern ciphers such as
ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
.
ECDSA with both SHA-1 and SHA-512 have been removed to reduce dependencies on SHA-1 and align with TLS 1.3's new ECDSA handling.
Chrome no longer allows opening of pop-ups during inputs which represent a touch scroll, such as
touchstart
and
touchmove
.
Sites will no longer initiate fetches for scripts with invalid
type
or
language
attributes, such as
type="python"
, unless triggered by declarative fetches using
link
preload
.
MIDIMessageEvent.receivedTime
has been deprecated in favor of
Event.timeStamp
, since
Event.timeStamp
now supports high-resolution monotonic time instead of epoch time.
Posted by
Vincent Scheib, Web Bluetooth Orthodontist
Etichette
$200K
1
10th birthday
4
abusive ads
1
abusive notifications
2
accessibility
3
ad blockers
1
ad blocking
2
advanced capabilities
1
android
2
anti abuse
1
anti-deception
1
background periodic sync
1
badging
1
benchmarks
1
beta
83
better ads standards
1
billing
1
birthday
4
blink
2
browser
2
browser interoperability
1
bundles
1
capabilities
6
capable web
1
cds
1
cds18
2
cds2018
1
chrome
35
chrome 81
1
chrome 83
2
chrome 84
2
chrome ads
1
chrome apps
5
Chrome dev
1
chrome dev summit
1
chrome dev summit 2018
1
chrome dev summit 2019
1
chrome developer
1
Chrome Developer Center
1
chrome developer summit
1
chrome devtools
1
Chrome extension
1
chrome extensions
3
Chrome Frame
1
Chrome lite
1
Chrome on Android
2
chrome on ios
1
Chrome on Mac
1
Chrome OS
1
chrome privacy
4
chrome releases
1
chrome security
10
chrome web store
32
chromedevtools
1
chromeframe
3
chromeos
4
chromeos.dev
1
chromium
9
cloud print
1
coalition
1
coalition for better ads
1
contact picker
1
content indexing
1
cookies
1
core web vitals
2
csrf
1
css
1
cumulative layout shift
1
custom tabs
1
dart
8
dashboard
1
Data Saver
3
Data saver desktop extension
1
day 2
1
deceptive installation
1
declarative net request api
1
design
2
developer dashboard
1
Developer Program Policy
2
developer website
1
devtools
13
digital event
1
discoverability
1
DNS-over-HTTPS
4
DoH
4
emoji
1
emscriptem
1
enterprise
1
extensions
27
Fast badging
1
faster web
1
features
1
feedback
2
field data
1
first input delay
1
Follow
1
fonts
1
form controls
1
frameworks
1
fugu
2
fund
1
funding
1
gdd
1
google earth
1
google event
1
google io 2019
1
google web developer
1
googlechrome
12
harmful ads
1
html5
11
HTTP/3
1
HTTPS
4
iframes
1
images
1
incognito
1
insecure forms
1
intent to explain
1
ios
1
ios Chrome
1
issue tracker
3
jank
1
javascript
5
lab data
1
labelling
1
largest contentful paint
1
launch
1
lazy-loading
1
lighthouse
2
linux
2
Lite Mode
2
Lite pages
1
loading interventions
1
loading optimizations
1
lock icon
1
long-tail
1
mac
1
manifest v3
2
metrics
2
microsoft edge
1
mixed forms
1
mobile
2
na
1
native client
8
native file system
1
New Features
5
notifications
1
octane
1
open web
4
origin trials
2
pagespeed insights
1
pagespeedinsights
1
passwords
1
payment handler
1
payment request
1
payments
2
performance
20
performance tools
1
permission UI
1
permissions
1
play store
1
portals
3
prefetching
1
privacy
2
privacy sandbox
4
private prefetch proxy
1
profile guided optimization
1
progressive web apps
2
Project Strobe
1
protection
1
pwa
1
QUIC
1
quieter permissions
1
releases
3
removals
1
rlz
1
root program
1
safe browsing
2
Secure DNS
2
security
36
site isolation
1
slow loading
1
sms receiver
1
spam policy
1
spdy
2
spectre
1
speed
4
ssl
2
store listing
1
strobe
2
subscription pages
1
suspicious site reporter extension
1
TCP
1
the fast and the curious
23
TLS
1
tools
1
tracing
1
transparency
1
trusted web activities
1
twa
2
user agent string
1
user data policy
1
v8
6
video
2
wasm
1
web
1
web apps
1
web assembly
2
web developers
1
web intents
1
web packaging
1
web payments
1
web platform
1
web request api
1
web vitals
1
web.dev
1
web.dev live
1
webapi
1
webassembly
1
webaudio
3
webgl
7
webkit
5
WebM
1
webmaster
1
webp
5
webrtc
6
websockets
5
webtiming
1
writable-files
1
yerba beuna center for the arts
1
Archive
2024
ago
giu
mag
apr
mar
feb
2023
nov
ott
set
ago
giu
mag
apr
feb
2022
dic
set
ago
giu
mag
apr
mar
feb
gen
2021
dic
nov
ott
set
ago
lug
giu
mag
apr
mar
feb
gen
2020
dic
nov
ott
set
ago
lug
giu
mag
apr
mar
feb
gen
2019
dic
nov
ott
set
ago
lug
giu
mag
apr
mar
feb
gen
2018
dic
nov
ott
set
ago
lug
giu
mag
apr
mar
feb
gen
2017
dic
nov
ott
set
ago
lug
giu
mag
apr
mar
feb
gen
2016
dic
nov
ott
set
ago
giu
mag
apr
mar
feb
gen
2015
dic
nov
ott
set
ago
lug
giu
mag
apr
mar
feb
gen
2014
dic
nov
ott
set
ago
lug
giu
mag
apr
mar
feb
gen
2013
dic
nov
ott
set
ago
lug
giu
mag
apr
mar
feb
gen
2012
dic
nov
ott
set
ago
lug
giu
mag
apr
mar
feb
gen
2011
dic
nov
ott
set
ago
lug
giu
mag
apr
mar
feb
gen
2010
dic
nov
ott
set
ago
lug
giu
mag
apr
mar
feb
gen
2009
dic
nov
set
ago
lug
giu
mag
apr
mar
feb
gen
2008
dic
nov
ott
set
Feed
Follow @ChromiumDev
Give us feedback in our
Product Forums
.