Planet Chromium

April 23, 2015

Google Chrome Releases

Dev Channel Update for Chrome OS

The Dev channel has been updated to 44.0.2376.2 (Platform version: 6996.0.0) for all Chrome OS devices. This build contains a number of bug fixes, security updates and feature enhancements. A list of changes can be found here.

If you find new issues, please let us know by visiting our forum or filing a bug. Interested in switching channels? Find out how. You can submit feedback using ‘Report an issue...’ in the Chrome menu (3 horizontal bars in the upper right corner of the browser).

Dharani Govindan
Google Chrome

by Dharani (noreply@blogger.com) at April 23, 2015 08:14 PM

Chrome Beta for Android Update

The Chrome Team is excited to announce the release of Chrome 43 Beta for Android. Chrome 43.0.2357.38 will be available in Google Play over the next few hours. New features included in this release:
  • Faster Checkout - Quickly and securely complete checkout forms with data from Google Wallet
  • Bug fixes and speedy performance improvements.
A partial list of other changes in this build are available in the Git log. If you find a new issue, please let us know by filing a bug. More information about Chrome for Android is available on the Chrome site.

Jason Kersey
Google Chrome

by Jason Kersey (noreply@blogger.com) at April 23, 2015 12:36 PM

Android WebView Stable Update

The Chrome team in London is happy to announce that WebView has been updated to 42.0.2311.129 and will be available in Google Play over the next few days for devices on Android 5.0 and higher.

This release adds support for ES6 classes and provides stability and security fixes.

Interesting in trying the WebView beta channel?  Find out how right here.  If you notice any issues, please file a bug.

Alex Mineer
Google Chrome and WebView

by Alex Mineer (noreply@blogger.com) at April 23, 2015 11:17 AM

Beta Channel Update for Chrome OS

The Beta channel has been updated to 43.0.2357.32 (Platform version: 6946.20.0) for all Chrome OS devices. This build contains a number of bug fixes, security updates and feature enhancements. Systems will be receiving updates over the next several days.

Some highlights of these changes are:
  • Autofill settings for credit cards from Google Wallet
  • Enable always-on "OK Google" from anywhere when screen is unlocked on new Chromebook Pixel
  • Physical keyboard auto correction
  • Material design for Virtual keyboard UI
If you find new issues, please let us know by visiting our forum or filing a bug. Interested in switching channels? Find out how. You can submit feedback using ‘Report an issue...’ in the Chrome menu (3 horizontal bars in the upper right corner of the browser).


Josafat Garcia
Google Chrome

by Josafat (noreply@blogger.com) at April 23, 2015 09:34 AM

April 22, 2015

Google Chrome Releases

Beta Channel Update

The beta channel has been updated to 43.0.2357.37 for Windows, Mac and Linux.

A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Anthony Laforge
Google Chrome

by laforge@chromium (noreply@blogger.com) at April 22, 2015 12:22 PM

April 21, 2015

Google Chrome Releases

Dev Channel Update for Chrome OS

The Dev channel has been updated to 43.0.2357.32 (Platform version: 6946.20.0) for all Chrome OS devices. This build contains a number of bug fixes, security updates and feature enhancements. A list of changes can be found here.

If you find new issues, please let us know by visiting our forum or filing a bug. Interested in switching channels? Find out how. You can submit feedback using ‘Report an issue...’ in the Chrome menu (3 horizontal bars in the upper right corner of the browser).

Josafat Garcia
Google Chrome

by Josafat (noreply@blogger.com) at April 21, 2015 10:08 PM

Dev Channel Update

The dev channel has been updated to 44.0.2376.0 for Windows, Mac, and Linux.

A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Penny MacNeil
Google Chrome

by Penny MacNeil (noreply@blogger.com) at April 21, 2015 10:49 AM

April 20, 2015

Chromium Blog

Reaching and re-engaging users on the mobile web

One of the web’s superpowers is its low friction: a new site is always only a single tap away, allowing users to easily navigate through a rich diversity of experiences. The mobile web provides a great discovery experience for users and unparalleled reach for developers.

Unfortunately, once users discover an experience they love, it is hard for them to build a meaningful relationship since websites lack the engaging capabilities developers have come to expect from mobile such as push notifications and home screen icons. As a result, developers have needed to decide between the engagement potential of a native app and the reach potential of a mobile website.

Chrome 42 addresses this dilemma by allowing users to engage more deeply with the mobile web experiences that are important to them, by both opting in to receive push notifications directly from websites and easily adding regularly-visited high-quality sites to their home screen.

Push Notifications
Timely, personalized notifications save users the effort of manually checking for updates throughout the day and have enabled a host of new experiences from real time communication to live updates on breaking news.

This release of Chrome supports the new emerging web standard for push notifications on Android and desktop, enabling users to opt in to allow a specific website to send them push notifications just like an installed native app. Over the coming weeks, mobile web users will be able to opt in to receiving push notifications from early adopters including Beyond the Rack, eBay, Facebook, FanSided, Pinterest, Product Hunt, and VICE News. Roost and Mobify also provide services that make it easy for developers to integrate web-based push notifications into their site with minimal custom implementation work.
push2.gif
Promoting Add to Home Screen
Mobile users often open their phones to pass time while on the bus or waiting in line. Home screen icons help them easily jump back into their favorite experiences with just a single tap. In this release of Chrome for Android, users who frequently visit a modern, mobile-optimized website such as Flipboard or Medium will be offered the option to easily add the site directly to their home screen in one tap, allowing them to keep in touch and engaged throughout the day.
 
Developers can now take advantage of these and other recent changes including improved performance, full offline support, and access to device capabilities such as the camera and geolocation to deliver more meaningful experiences on the web than ever before. These new features will continue to improve and evolve over time, diminishing the difficult choice for developers between the reach of the mobile web and the engagement of native apps.

Posted by Miguel Garcia, Push Maestro and Owen Campbell-Moore, Engagement Optimizer

by Google Chrome Blog (noreply@blogger.com) at April 20, 2015 09:00 AM

A QUIC update on Google’s experimental transport

Last year we announced QUIC, a UDP-based transport protocol for the modern Internet.  Over the last quarter, we’ve been increasing the amount of traffic to Google services that is served over QUIC and analyzing QUIC performance at scale. Results so far are positive, with the data showing that QUIC provides a real performance improvement over TCP thanks to QUIC's lower-latency connection establishment, improved congestion control, and better loss recovery.


For latency-sensitive services like web search, the largest gains come from zero-round-trip connection establishment. The standard way to do secure web browsing involves communicating over TCP + TLS, which requires 2 to 3 round trips with a server to establish a secure connection before the browser can request the actual web page. QUIC is designed so that if a client has talked to a given server before, it can can start sending data without any round trips, which makes web pages load faster. The data shows that 75% percent of connections can take advantage of QUIC’s zero-round-trip feature. Even on a well-optimized site like Google Search, where connections are often pre-established, we still see a 3% improvement in mean page load time with QUIC.


Another substantial gain for QUIC is improved congestion control and loss recovery. Packet sequence numbers are never reused when retransmitting a packet. This avoids ambiguity about which packets have been received and avoids dreaded retransmission timeouts. As a result, QUIC outshines TCP under poor network conditions, shaving a full second off the Google Search page load time for the slowest 1% of connections.   These benefits are even more apparent for video services like YouTube. Users report 30% fewer rebuffers when watching videos over QUIC. This means less time spent staring at the spinner and more time watching videos.


Where do we go from here? Today, roughly half of all requests from Chrome to Google servers are served over QUIC and we’re continuing to ramp up QUIC traffic, eventually making it the default transport from Google clients — both Chrome and mobile apps — to Google servers. We plan to formally propose QUIC to the IETF as an Internet standard but we have some housekeeping to do first, like changing the wire format and updating our reference implementation from SPDY-over-QUIC to HTTP2-over-QUIC. In the coming months, we also plan to work on lowering handshake overhead to allow better server-side scalability, improving forward error correction and congestion control, and adding support for multipath connections.   


If you want to follow along or play around, feel free to check out the code and experiment with it, or join proto-quic@chromium.org as we continue to improve the Internet, one packet at a time.

Posted by SYN, SYN-ACK and ACK (also known as Alyssa Wilk, Ryan Hamilton and Ian Swett)

by Google Chrome Blog (noreply@blogger.com) at April 20, 2015 08:00 AM

April 17, 2015

Chromium Blog

Chrome 43 Beta: Web MIDI and upgrading legacy sites to HTTPS

The newest Chrome Beta channel release includes Web MIDI support, new features to improve security and compatibility and a number of small changes to enable developers to build more powerful web applications. Unless otherwise noted, changes described below apply to Chrome for Android, Windows, Mac, Linux and Chrome OS.

Connecting to MIDI devices from the web

MIDI is a well-established communication protocol used by music devices such as synthesizers, DJ decks, and drum machines. In Chrome 43, users are able to use MIDI hardware to create music without installing any specialized software, as the Web MIDI API allows websites to communicate with connected MIDI devices such as a USB-MIDI drum machine plugged into an Android tablet.



Permissions API
Until now, websites have been unable to determine the permission state of APIs such as Geolocation. Due to this, sites often attempt to use APIs immediately after page load without pre-existing permission, causing users to see confusing permission prompts with no context or explanation.


The new Permissions API allows developers to query and observe changes to their permission status for Geolocation, Push, Notifications and Web MIDI so they can ask for permission in context, improving the user experience.

Moving DOM attributes to the prototype chain

In Chrome 43, attributes defined on DOM objects have been moved to the prototype chain, as specified by Web IDL. This change allows developers to efficiently override or create methods on DOM Objects and improves compatibility with Firefox and Internet Explorer. As this subtle change may cause breakages in existing content, developers should use Chrome 43 to test their website to ensure their users don’t experience issues when this release rolls out to all users.

Upgrading legacy sites to HTTPS

Transitioning large collections of unmodifiable legacy web content to encrypted, authenticated HTTPS connections can be challenging as the content frequently includes links to insecure resources, triggering mixed content warnings. This release includes a new CSP directive, upgrade-insecure-resources, that causes Chrome to upgrade insecure resource requests to HTTPS before fetching them. This change allows developers to serve their hard-to-update legacy content via HTTPS more easily, improving security for their users.

Other updates in this release

  • Chrome OS now fires devicemotion events on pages at a regular interval, allowing developers to track the device’s acceleration in the same way they do on Chrome for Android, Windows, Mac, and Linux.
  • The Web Audio API now allows developers to selectively disconnect specific connections to an AudioNode or AudioParam, avoiding the audio artifacts caused by disconnecting all inputs and then manually re-connecting those that should have been retained.
  • Developers using the Web Audio API can now also explicitly close an AudioContext, releasing all allocated system audio resources instead of depending on unpredictable garbage collection.
  • The nonstandard WebSocket.URL and EventSource.URL were removed in favor of their standard counterparts WebSocket.url and EventSource.url.


As always, visit chromestatus.com/features for a complete overview of Chrome’s developer features, and circle +Google Chrome Developers for more frequent updates.

Posted by Takashi Toyoshima, Software Engineer and MIDI Music Maker

by Google Chrome Blog (noreply@blogger.com) at April 17, 2015 04:19 PM

April 16, 2015

Google Chrome Releases

Stable Channel Update for Chrome OS

The Stable channel has been updated to 42.0.2311.87 (platform version: 6812.75.2). Systems will be automatically updated over the next few weeks. This build contains a number of bug fixes, security updates, and feature enhancements.

Some highlights of these changes are as follows:
  • Files app has been refreshed to follow the suit with Material Design
  • New Chrome OS Launcher including better search experience, voice search, and Google Now integration
  • Updated calculator app
  • Support for password-protected zip files
  • Default typeface on all Chromebooks has been updated to Roboto for Latin, Greek and Cyrillic scripts, to be more consistent with Material Design

If you find new issues, please let us know by visiting our forum or filing a bug. Interested in switching channels? Find out how. You can submit feedback using ‘Report an issue...’ in the Chrome menu (under the three horizontal bars in the upper right corner of the browser).


Matthew Yuan
Google Chrome

by Matthew Yuan (noreply@blogger.com) at April 16, 2015 09:06 PM

Beta Channel Update

The Chrome team is excited to announce the promotion of Chrome 43 to the beta channel for Windows, Mac and Linux. Chrome 43.0.2357.18 contains many improvements including:
  • Suggesting Answers in the Omnibox
  • A number of new apps/extension APIs (including the Push API!)
  • Lots of under the hood changes for stability and performance 
Find out more at the Chrome blog. A full list of changes in this build is available in the log. Find out more at the Chrome and Chromium blogs. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Daniel Xie
Google Chrome

by Daniel xie (noreply@blogger.com) at April 16, 2015 08:24 PM

Dev Channel Update

The dev channel has been updated to 44.0.2369.0 for Windows, Mac, and Linux.

A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Penny MacNeil
Google Chrome

by Penny MacNeil (noreply@blogger.com) at April 16, 2015 03:26 PM

Google Chrome Blog

Search and browse faster with the latest Chrome for iOS

Many people whip out their phones throughout the day to check something quickly—get a weather forecast, check what time the Giants game is, find out who guest starred on Mad Men last night. And that’s true for the many millions of you who use Chrome on iOS, so we’ve made our latest version even faster for the things you do every day.

Just pull down on any page to reload, open, or close tabs with one swipe. Pull straight down to reload, pull down and left to open a new tab, or pull down and right to close a tab.
On iOS 8, you can now add Chrome to your Today View to open a new tab or start a voice search quickly. Here's how.
Searching in the address bar? You’ll now see suggested answers as you type for weather, stocks, unit conversions and more, as well as any URLs you’ve copied to your clipboard.
And finally, you can now use your favorite password manager (1Password, Lastpass and more) to fill out website password fields in a snap.

Download the latest Chrome for iOS to check these new features out. See you in the fast lane!

Posted by AbdelKarim Mardini, Product Manager and Speed Demon

by Google Chrome Blog (noreply@blogger.com) at April 16, 2015 02:16 PM

Providing updates for Chrome for XP through 2015

On April 8, 2014, Microsoft stopped supporting Windows XP. This isn’t just a formality: computers running Windows XP haven’t received security patches in over a year and are facing a number of critical security vulnerabilities. At the operating system level, computers running XP are inherently in danger of being infected by malware and viruses, making it increasingly difficult for Chrome to provide a secure browsing environment. That’s why we strongly encourage everyone to update to a supported, secure operating system.
That said, we know that not everyone can easily switch to a newer operating system. Millions of people are still working on XP computers every day. We want those people to have the option to use a browser that’s up-to-date and as safe as possible on an unsupported operating system. We previously announced that we’d keep supporting Chrome on Windows XP through ‘at least’ April 2015. It’s April 2015 now, and we’re extending that commitment. We will continue to provide regular updates and security patches to Chrome on XP through the end of 2015.
Posted by Mark Larson, Director of Engineering, Google Chrome


by Google Chrome Blog (noreply@blogger.com) at April 16, 2015 11:00 AM

Google Chrome Releases

Beta Channel Update for Chrome OS

The Beta channel has been updated to 42.0.2311.87 (Platform version: 6812.75.0) for all devices. This build contains a number of bug fixes, security updates, and feature enhancements. A list of changes can be found here.

If you find new issues, please let us know by visiting our forum or filing a bug. Interested in switching channels? Find out how. You can submit feedback using ‘Report an issue...’ in the Chrome menu (3 horizontal bars in the upper right corner of the browser).

*Update: We have updated to Platform version 6812.75.2 instead, please expect to receive this version instead of the original 6812.75.0.



Matthew Yuan
Google Chrome

by Matthew Yuan (noreply@blogger.com) at April 16, 2015 09:27 AM

April 15, 2015

Google Chrome Releases

Dev Channel Update for Chrome OS

The Dev channel has been updated to 43.0.2357.19 (Platform version: 6946.10.0) for all Chrome OS devices. This build contains a number of bug fixes, security updates and feature enhancements. A list of changes can be found here.

If you find new issues, please let us know by visiting our forum or filing a bug. Interested in switching channels? Find out how. You can submit feedback using ‘Report an issue...’ in the Chrome menu (3 horizontal bars in the upper right corner of the browser).

Josafat Garcia
Google Chrome

by Josafat (noreply@blogger.com) at April 15, 2015 07:08 PM

Chrome for Android Update

The Chrome Team is delighted to announce the release of Chrome 42 for Android. Chrome 42.0.2311.107 will be available in Google Play over the next few days. New features in this release include:
  • Get the latest updates from sites with notifications.
  • Adding your favorite sites to your homescreen is now even easier.
  • Bug fixes and speedy performance improvements.
A partial list of other changes in this build are available in the Git log. If you find a new issue, please let us know by filing a bug. More information about Chrome for Android is available on the Chrome site.

Jason Kersey
Google Chrome

by Jason Kersey (noreply@blogger.com) at April 15, 2015 12:00 PM

April 14, 2015

Google Chrome Releases

Dev Channel Update

The dev channel has been updated to 43.0.2357.18 for Windows, Mac, and Linux.

A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Daniel Xie
Google Chrome

by Daniel xie (noreply@blogger.com) at April 14, 2015 02:25 PM

Stable Channel Update

The Chrome team is overjoyed to announce the promotion of Chrome 42 to the stable channel for Windows, Mac and Linux. Chrome 42.0.2311.90 contains a number of fixes and improvements, including:


A list of changes is available in the log.

Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

This update includes 45 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.

[$7500][456518] High CVE-2015-1235: Cross-origin-bypass in HTML parser. Credit to anonymous.
[$4000][313939] Medium CVE-2015-1236: Cross-origin-bypass in Blink. Credit to Amitay Dobo.
[$3000][461191] High CVE-2015-1237: Use-after-free in IPC. Credit to Khalil Zhani.
[$2000][445808] High CVE-2015-1238: Out-of-bounds write in Skia. Credit to cloudfuzzer.
[$1000][463599] Medium CVE-2015-1240: Out-of-bounds read in WebGL. Credit to w3bd3vil.
[$1000][418402] Medium CVE-2015-1241: Tap-Jacking. Credit to Phillip Moon and Matt Weston of Sandfield Information Systems.
[$500][460917] High CVE-2015-1242: Type confusion in V8. Credit to fcole@onshape.com.
[$500][455215] Medium CVE-2015-1244: HSTS bypass in WebSockets. Credit to Mike Ruddy.
[$500][444957] Medium CVE-2015-1245: Use-after-free in PDFium. Credit to Khalil Zhani.
[$500][437399] Medium CVE-2015-1246: Out-of-bounds read in Blink. Credit to Atte Kettunen of OUSPG.
[$500][429838] Medium CVE-2015-1247: Scheme issues in OpenSearch. Credit to Jann Horn.
[$500][380663] Medium CVE-2015-1248: SafeBrowsing bypass. Credit to Vittorio Gambaletta (VittGam).

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. The total value of additional rewards and their recipients will updated here when all reports have gone through the reward panel.

As usual, our ongoing internal security work was responsible for a wide range of fixes:
[476786] CVE-2015-1249: Various fixes from internal audits, fuzzing and other initiatives.
Multiple vulnerabilities in V8 fixed at the tip of the 4.2 branch (currently 4.2.77.14).

Many of the above bugs were detected using AddressSanitizer or MemorySanitizer.

Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Alex Mineer
Google Chrome

by Alex Mineer (noreply@blogger.com) at April 14, 2015 11:45 AM

April 09, 2015

Google Chrome Releases

Dev Channel Update

The dev channel has been updated to 43.0.2357.10 for Windows, Mac, and Linux.

A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Daniel Xie
Google Chrome

by Daniel xie (noreply@blogger.com) at April 09, 2015 12:02 PM

April 08, 2015

Google Chrome Releases

Admin Console Update

The Admin console has been updated with a new field in the device list.

The Asset ID field allows admins to track devices using their preferred inventory asset naming conventions.
  • It is now possible to sort the device list by asset ID.
  • Edit the asset ID by clicking on a device, then editing the "Notes" field.
  • Read and write access are available via the Directory API.


Known issues are available here. Enterprise customers can report an issue by contacting support.

Lawrence Lui
Google Chrome

by Lawrence L (noreply@blogger.com) at April 08, 2015 03:54 PM

Dev Channel Update for Chrome OS

The Dev channel has been updated to 43.0.2357.5 (Platform version: 6946.2.0) for all Chrome OS devices except for Asus Chromebox. This build contains a number of bug fixes, security updates and feature enhancements. A list of changes can be found here.

If you find new issues, please let us know by visiting our forum or filing a bug. Interested in switching channels? Find out how. You can submit feedback using ‘Report an issue...’ in the Chrome menu (3 horizontal bars in the upper right corner of the browser).

Josafat Garcia
Google Chrome

by Josafat (noreply@blogger.com) at April 08, 2015 01:15 PM

Beta Channel Update

The beta channel has been updated to 42.0.2311.82 for Windows, Mac and Linux.

A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Alex Mineer
Google Chrome

by Alex Mineer (noreply@blogger.com) at April 08, 2015 09:53 AM

April 07, 2015

Google Chrome Releases

Admin Console Update

The Admin console has been updated with a new user setting.
  • SafeSearch for Google Web Search and Safety Mode for YouTube can now be independently configured on Chrome 41 and above. 
    • For users using devices running Chrome 40 and prior, enabling any setting that turns on SafeSearch will also turn on Safety Mode for YouTube. This includes the settings "Always use SafeSearch for Google Web Search and Safety Mode for YouTube queries" and "Always use SafeSearch for Google Web Search queries only."
    • The setting "Always use Safety Mode for YouTube queries only" will not work on devices running Chrome version 40 and prior.

Known issues are available here. Enterprise customers can report an issue by contacting support.

Lawrence Lui
Google Chrome

by Lawrence L (noreply@blogger.com) at April 07, 2015 05:55 PM

April 06, 2015

Google Chrome Releases

Dev Channel Update

The dev channel has been updated to 43.0.2357.2 for Windows, Mac, and Linux.

A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Daniel Xie
Google Chrome

by Daniel xie (noreply@blogger.com) at April 06, 2015 11:40 AM

April 03, 2015

Google Chrome Releases

Stable Channel Update for Chrome OS

The Stable channel has been updated to 41.0.2272.118 (Platform version: 6680.81.0) for the Samsung Chromebook. Systems will be automatically updated over the next few days. This build contains TPM stability fixes.

If you find new issues, please let us know by visiting our forum or filing a bug. Interested in switching channels? Find out how. You can submit feedback using ‘Report an issue...’ in the Chrome menu (3 horizontal bars in the upper right corner of the browser).

Josafat Garcia
Google Chrome

by Josafat (noreply@blogger.com) at April 03, 2015 02:16 PM