We all benefit from an open web that is secure, powerful, and fast. Over the past year, we’ve focused our efforts on strengthening the web in three areas:
This post is a synopsis of the updates we shared during today’s keynote at Chrome Dev Summit.
We’ve continued work on the Privacy Sandbox and we are committed to developing an open set of standards that fundamentally enhance privacy on the web. Together with the web community, we're building new privacy-preserving alternatives to third-party cookies or other cross-site tracking mechanisms. With the Client Hints API, we’re reducing the fingerprinting surface of Chrome, and we have two solutions for you to experiment with via our Chrome origin trials. The Click Conversion Measurement API measures ad conversions without using cross-site identifiers, and the Trust Token APIs help convey trust from one context to another without passive tracking.
Similarly, the security and privacy of extensions has become of utmost importance with hundreds of millions of people using over 250,000 items in the Chrome Web Store. We believe extensions must be trustworthy by default and it’s why we announced a draft proposal for a number of changes to our extension platform. After incorporating a number of different suggestions from extension developers, we're ready to launch the stable release of Manifest V3 with the goal of increased security, more control and privacy for users, and improved performance.
With Manifest V3, remote hosted code is no longer permissible to prevent malicious extensions that abuse user privacy and security. Additionally, the new extensions model allows users to withhold sensitive permissions at install time. Lastly, a new approach to background logic with the introduction of service workers for background pages and a new declarative model for extension APIs provides users more consistent performance guarantees. Manifest V3 is now available to experiment with on Chrome 88 beta, with the Chrome Web Store accepting Manifest V3 extensions mid-January when Chrome 88 reaches stable.
Great examples are coming to life from developers who are building new experiences on the web. Gravit Designer makes it easy for users to read and write files with File System Access APIs and allows the use of specialized fonts installed locally with the new Local Font Access API. Adobe has made it easy for users to create stunning visual stories and beautifully designed content with their Spark web app.
Today, we are adding new capabilities for Progress Web Apps (PWAs) to increase their discoverability by being listed in the Google Play Store. In Chrome 86 we gave you the ability to list your PWA in the Play Store using a Trusted Web Activity. We’ve now made it possible for you to start accepting payments using the new Digital Goods API in Chrome 88.
Chrome’s performance—speed and usage of resources like power, memory, or CPU—has always been top of mind so you can deliver the best experience for all our users.
Earlier this year, we made some key improvements to speed with Profile Guided Optimization & Tab throttling and today, we announced a significant reduction of V8’s memory footprint. Apart from making great strides in memory savings through V8 pointer compression, we’ve eliminated parsing pauses entirely by loading a webpage’s JavaScript files in parallel, so scripts can be parsed and compiled and ready to execute as soon as they’re needed by the page.
Since we announced our Web Vitals initiative, they are being increasingly used to measure web page performance. Google Search announced new signals to search ranking will include Core Web Vitals starting in May 2021. In addition to the Chrome User Experience Report, Search Console’s Core Web Vitals report, and many other Google tools, other providers like Cloudflare are surfacing Core Web Vitals as web page performance metrics.
Last summer, we released the web-vitals Javascript library for those sites using Google Analytics. Today we announced the Web Vitals Report, an open source website and tool that lets you query and visualize your Web Vitals metrics data in Google Analytics, enabling you to easily compare performance data across segments.
Finally, we’ve been listening to your feedback and hearing about your difficulties in building web interfaces. We’ve been working to improve the web’s styling capabilities and shipped content-visibility, a CSS feature that significantly improves rendering performance. Look for more updates and tools to improve UI styling, including the announcement of Houdini.how, a set of APIs that makes it easier for you to extend CSS.
Chrome Dev Summit has always been about connecting with the community. Although we weren’t able to convene together in person, the Chrome team launched a PWA to bring the best parts of a physical conference -- serendipitous conversations, discovering new things, and collecting swag -- to life with Chrome Dev Summit Adventure. We can’t wait to hear what you think of this experiment and look forward to chatting with you in real-time.
Become part of the community and join a Google Developer Group around the world. Check out the full list of CDS Extended events that brings together regional developer communities to recap the highlights from Chrome Dev Summit 2020 along with live interactive sessions.
Watch the sessions any time on our YouTube channel and for all the latest updates on the web, sign up for the web.dev newsletter.
See you next year!
Posted by Ben Galbraith & Dion Almaer
With hundreds of millions of people using over 250,000 items in the Chrome Web Store, extensions have become essential to how many of us experience the web and get work done online. We believe extensions must be trustworthy by default, which is why we’ve spent this year making extensions safer for everyone.
Today we’re officially announcing the planned rollout of Manifest V3 for Chrome Extensions, a new version of the extensions platform that makes extensions more secure, performant, and private-respecting by default.
With the introduction of Manifest V3, we will disallow remotely hosted code. This mechanism is used as an attack vector by bad actors to circumvent Google’s malware detection tools and poses a significant risk to user privacy and security.
The removal of remotely hosted code will also allow us to more thoroughly and quickly review submissions to the Chrome Web Store. Developers will then be able to release updates to their users more quickly.
On the extensions team, we believe that a trustworthy Chrome and a trustworthy extensions experience is not only great for users but is also essential for developers. In the long run, Manifest V3 will help the extension ecosystem continue to be a place that people can trust.
We know that performance is key to a great user experience, and as we began work on the third iteration of our extension platform, performance was a foundational consideration. Two areas where this has manifested are our approach to background logic and API design.
First, we are introducing service workers as a replacement for background pages. Unlike persistent background pages, which remain active in the background and consume system resources regardless of whether the extension is actively using them, service workers are ephemeral. This ephemerality allows Chrome to lower overall system resource utilization since the browser can start up and tear down service workers as needed.
Second, we are moving to a more declarative model for extension APIs in general. In addition to security benefits, this provides a more reliable end-user performance guarantee across the board by eliminating the need for serialization and inter-process communication. The end result is better overall performance and improved privacy guarantees for the vast majority of extension users.
To give users greater visibility and control over how extensions use and share their data, we’re moving to an extensions model that makes more permissions optional and allows users to withhold sensitive permissions at install time. Long-term, extension developers should expect users to opt in or out of permissions at any time.
For extensions that currently require passive access to web activity, we’re introducing and continuing to iterate on new functionality that allows developers to deliver these use cases while preserving user privacy. For example, our new declarativeNetRequest API is designed to be a privacy-preserving method for extensions to block network requests without needing access to sensitive data.
The declarativeNetRequest API is an example of how Chrome is working to enable extensions, including ad blockers, to continue delivering their core functionality without requiring the extension to have access to potentially sensitive user data. This will allow many of the powerful extensions in our ecosystem to continue to provide a seamless user experience while still respecting user privacy.
declarativeNetRequest
When the Manifest V3 draft proposal was initially shared with the Chromium developer community, we received an abundance of helpful feedback — thank you! We have been working closely with the developers of many extensions — including ad blockers, shopping extensions, productivity enhancements, developer tools, and more — to evolve the platform.
We've used this feedback to improve the functionality and usability of the API surfaces associated with Manifest V3. For example, we have added support to declarativeNetRequest for multiple static rulesets, regular expressions within rules, declarative header modification, and more.
“We’ve been very pleased with the close collaboration established between Google’s Chrome Extensions Team and our own engineering team to ensure that ad-blocking extensions will still be available after Manifest V3 takes effect." — Sofia Lindberg, Tech Lead, eyeo (Adblock Plus)
Even after Manifest V3 launches, expect more functionality and iteration as we continue to incorporate feedback and add new features to make V3 even more powerful for developers while preserving user privacy. If you are interested in contributing to the conversation, please comment and discuss on the chromium-extensions Google Group.
Manifest V3 is now available to experiment with on Chrome 88 Beta, with additional exciting features to follow in upcoming releases. The Chrome Web Store will start accepting Manifest V3 extensions January, shortly after Chrome 88 reaches stable. While there is not an exact date for removing support for Manifest V2 extensions, developers can expect the migration period to last at least a year from when Manifest V3 lands in the stable channel. We will continue to provide more details about this timeline in the coming months.
Posted by David Li - Product Manager, Chrome & Simeon Vincent - Developer Advocate, Chrome
App developers should be able to make money from their creations, whether via ads, purchases, or subscriptions. The first step to successfully monetizing is getting your app discovered.
Now that Progressive Web Apps (PWAs) can be listed in Google Play, we’re excited to announce that web developers can use Google Play payments in their PWA on Chromebooks and Android devices. This makes it even easier to get your PWA in front of more users and start accepting simple, secure payments by listing in Google Play.
Since their release, Chromebooks and Chrome OS have proven that a device built around the web can make computing easier, faster, and more secure. Last year, we expanded high-quality app experiences beyond mobile by adding support for PWAs on Chrome OS. And that’s clearly resonated with users — in the past year, Chromebook unit sales have grown 85% year over year (YOY)1, and PWA installs more than doubled2.
With all the new capabilities being added to web apps — from saving to the local file system to device communication — we saw an opportunity to highlight the best experiences for Chromebook users.
Search continues to be a quick and easy way to discover new web apps, but many people are also turning to app stores to find the best software for their device in one place. That’s why we gave developers the ability to list their PWA in Google Play on Chrome OS using Trusted Web Activity. Now, users can discover web apps by browsing through collections and curated recommendations in the Play Store. And once they install it, they’ll be able to enjoy the full-screen app experience they love, powered by Chrome.
Brands like Kapwing, an online image, video, and GIF editing platform, have already seen impressive results after launching their PWA:
"In the first five weeks of launching our PWA-ified website, the number of people creating videos through the PWA grew 36%. This growth in usage outpaced overall growth on the website, indicating higher retention among creators who installed the PWA." - Julia Enthoven, CEO of Kapwing
If your app accepts payments, you can simplify the process by using the Digital Goods API with Google Play. This feature is ready to start testing behind a flag in Chrome OS 88 and will launch with Chrome OS 89 in March 2021.
These APIs allow you to offer in-app payments and subscriptions with a single click, and users see the same, familiar Google Play billing flow with the ability to save credits or payment information.
We’ve already seen great responses to PWAs on Chromebooks — users enjoying the advanced graphics on Adobe Spark and Corel’s Gravit Designer, sharper video editing with Clipchamp, and more powerful viewing experiences on YouTube TV. We’re excited to share that all of these experiences will arrive in the Play Store as soon as the Digital Goods API arrives in Chrome OS 89.
It’s incredible to see the journey of developers as they build their web apps for larger screens. We can’t wait to showcase amazing web apps like these on Google Play — and we hope to see yours there soon!
Posted by PJ McLachlan & Tom Buckley
Sources: 1 The NPD Group, Inc., U.S. Retail Tracking Service, Notebook Computers, based on unit sales, Jan.–Aug. 2020. 2 Chrome usage metrics, Dec. 2019–Dec. 2020.
“Loading a page without prefetching”
“Naively prefetching websites can result in leaking user’s interest in some content or product”
“Prefetching websites via a CONNECT proxy prevents leaking user information”
Unless otherwise noted, changes described below apply to the newest Chrome beta channel release for Android, Chrome OS, Linux, macOS, and Windows. Learn more about the features listed here through the provided links or from the list on ChromeStatus.com. Chrome 88 is beta as of December 3, 2020.
Chrome now supports an API for querying and managing digital products to facilitate in-app purchases from web applications. This is used with the Payment Request API, which is used to make the actual purchases. The API would be linked to a digital distribution service connected via the user agent. In Chromium, this is specifically a web API wrapper around the Android Play Billing API.
This is needed so that web apps in the Play Store can accept purchases for digital goods. (Play policies prevent them from accepting payment via any other method.) Without this, websites that sell digital goods are not installable through the Play Store.
In Chrome 88, this is available for Android in an origin trial. For a list of other origin trials starting in this release, see below.
This version of Chrome introduces the origin trial described below. Origin trials allow you to try new features and give feedback on usability, practicality, and effectiveness to the web standards community. To register for any of the origin trials currently supported in Chrome, including the ones described below, visit the Origin Trials dashboard. To learn more about origin trials themselves, visit the Origin Trials Guide for Web Developers.
Allows sites to query for estimates of the environmental lighting conditions within WebXR sessions. This exposes both spherical harmonics representing the ambient lighting, as well as a cubemap texture representing "reflections". Adding lighting estimation can help to make models feel more natural and like they "fit" better with the user's environment. This can make them feel more "real" or "natural".
In Chrome 88, this is available for Android only.
The following features, previously in Chrome origin trials, are now enabled by default.
Adds the performance.measureMemory() method that estimates the memory usage of the web page in case the page is currently isolated (e.g. on Desktop). Because the method is gated behind COOP/COEP web sites need to enabled crossOriginIsolated to use this method. For more information, see Monitor your web page's total memory usage with measureMemory().
Adds the ability to request unadjusted/unaccelerated mouse movement data when in PointerLock. If unadjustedMovement is set to true, then the pointer movements will not be affected by the underlying platform modifications such as mouse acceleration. For more information, see Disable mouse acceleration to provide a better FPS gaming experience.
PointerLock
unadjustedMovement
To mitigate "tab-napping" attacks, in which a new tab/window opened by a victim context may navigate that opener context, anchors that target _blank will behave as though rel is set to noopener. To opt out of this behavior, you can set rel to opener. This conforms to a change in the HTML standard.
_blank
rel
noopener
Dark mode is an accessibility feature that allows web authors to enable their web pages to be viewed in dark mode. When enabled, users are able to view dark mode supported websites by toggling the dark mode settings on their OS. The benefits of dark mode are being easier on the eyes in a low light environment and lower battery consumption. For more about dark mode and form controls, see Improved dark mode default styling with the color-scheme CSS property and the corresponding meta tag.
Adds the AbortSignal option, named signal, to the options parameter of addEventListener(). The signal option must first be created by an AbortController by accessing the signal property on an AbortController instance. Once the signal is passed in to addEventListener(), calling AbortController.abort() removes the event listener added with addEventListener().
AbortSignal
signal
addEventListener()
AbortController
AbortController.abort()
Allows explicitly specifying an aspect ratio for any element to get similar behavior to a replaced element. This generalizes the aspect ratio concept to general elements. It allows various effects, examples include sizing <iframe> elements using an aspect ratio, filmstrips where each element has the same height but needs an appropriate width, and cases where a replaced element is wrapped by a component but should keep the aspect ratio.
<iframe>
Allows complex selectors inside the :not() pseudo class, such as :not(.a + .b .c).
:not()
:not(.a + .b .c)
When adopting a shadow root into a <template> document from a document that the <template> is in (or vice versa), Chrome will no longer clear its adoptedStyleSheets. Currently Chrome always clears adoptedStyleSheets when the shadow root containing it is adopted into a different document. This ensures that constructed stylesheets are not used across <iframe> elements, but this also covers adopting into/from <template> elements, causing some confusion for the web developer.
<template>
adoptedStyleSheets
A new attribute on ElementInternals, shadowRoot, allows custom elements to access their own shadow root, regardless of open/closed status. Additionally, further restrictions are added to the attachInternals() method to ensure that custom elements get the first chance to attach the ElementInternals interface. With this change, the attachInternals() method will throw an exception if called before the custom element constructor being run.
ElementInternals
shadowRoot
attachInternals()
This feature was mostly driven, at least initially, by the declarative Shadow DOM feature introduction. With declarative Shadow DOM, there was a problem with closed shadow roots: declarative shadow content loads before the custom element is upgraded, which means that closed shadow content would have been inaccessible. In addition to the declarative Shadow DOM use case, this feature also offers a convenience to custom element authors, who no longer need to keep a reference to attached shadow roots, and can instead use the ElementInternals interface.
The type parameter in WakeLock.request() is now optional and defaults to "screen", which is currently the only allowed value. For more information, see Stay awake with the Screen Wake Lock API.
type
WakeLock.request()
"screen"
Origin isolation allows developers to opt in to giving up certain cross-origin same-site access capabilities—namely synchronous scripting via document.domain, and calling postMessage() with WebAssembly.Module instances. This gives the browser more flexibility in implementation technologies. Reasons why a site may want better isolation include: performance isolation, allocations of large amounts of memory, side-channel protection (e.g. against Spectre), and improved memory measurement.
document.domain
postMessage()
WebAssembly.Module
Adds support for path() as a value for the CSS clip-path property, which allows specifying SVG-style paths for clipping. This supplements the four basic shapes currently supported by clip-path: circle, ellipse, polygon, and url. For example, the following would clip an element with a triangle: clip-path: path(oddeven, 'M 5 5 h 100 v 100 Z')
path()
clip-path
circle
ellipse
polygon
url
clip-path: path(oddeven, 'M 5 5 h 100 v 100 Z')
The Permissions-Policy HTTP header replaces the existing Feature-Policy header for controlling delegation of permissions and powerful features. The header uses a structured syntax, and allows sites to more tightly restrict which origins can be granted access to features.
Permissions-Policy
Feature-Policy
Transceivers allow the sending and/or receiving of media in WebRTC. Stopping a transceiver makes it permanently inactive and frees its network port, encoder, and decoder resources. This also makes its m= section in the SDP reusable by future transceivers, preventing the SDP from growing indefinitely as transceivers are added and removed. This is part of "Perfect Negotiation", which makes signaling in WebRTC race free and less error-prone.
m=
This version of Chrome incorporates version 8.8 of the V8 JavaScript engine. It specifically includes the change listed below. You can find a complete list of recent features in the V8 release notes.
Adds the JavaScript type SharedArrayBuffer gated behind COOP/COEP. A SharedArrayBuffer allows a message to be posted to a worker by sending a reference instead of a copy of the sent data.JavaScript Atomics provides atomic loads and stores and read/modify/write accesses to SharedArrayBuffer objects. Atomics.wait() provides the ability for a worker to wait for another worker to signal it, without having to spinlock.
SharedArrayBuffer
Atomics.wait()
The primary use case for SharedArrayBuffer is for asm.js code, but it is also useful for implementing other higher-level sharing between Workers.
For more information, see Making your website "cross-origin isolated" using COOP and COEP.
This version of Chrome introduces the deprecations and removals listed below. Visit ChromeStatus.com for lists of current deprecations and previous removals.
Since Chrome 80, pages have no longer been able to open a new page during unloading using window.open(). Since then enterprises have been able to use the AllowPopupsDuringPageUnload policy flag to allow popups during page unload. Starting in Chrome 88, this flag is no longer supported.
window.open()
Chrome is removing support for FTP URLs. The legacy FTP implementation in Chrome has no support for encrypted connections (FTPS), nor proxies. Usage of FTP in the browser is sufficiently low that it is no longer viable to invest in improving the existing FTP client. In addition, more capable FTP clients are available on all affected platforms.
Google Chrome 72 and later removed support for fetching document subresources over FTP and rendering of top level FTP resources. Navigating to FTP URLs results in showing a directory listing or a download depending on the type of resource. A bug in Google Chrome 74 and later resulted in dropping support for accessing FTP URLs over HTTP proxies. Proxy support for FTP was removed entirely in Google Chrome 76.
The remaining capabilities of Google Chrome's FTP implementation were restricted to either displaying a directory listing or downloading a resource over unencrypted connections.
In Chrome 77, FTP support was disabled by default for fifty percent of users but was available with flags.
In Chrome 88 all FTP support is disabled.
Web Components v0 have been in a reverse origin trial since Chrome 80. This allowed users of the API time to upgrade their sites while ensuring that new adopters of Web Components used version 1. The reverse origin trial ends with Chrome 87, making Chrome 88 the first in which version 0 is no longer supported. The Web Components v1 APIs replace Web Components v0 and are fully supported in Chrome, Safari, Firefox, and Edge. This removal covers the items listed below.
