Create Amazing Password Forms
Web browsers (and other agents, such as password managers) try to make the process of filling out forms as convenient to users as possible, to save time and frustration. However good they are at interpreting web pages, however, there are always a few things you, as a web developer, can make sure to do, to ensure the best experience for your users, by making your web pages accessible. Group related
HTTP Strict Transport Security
HTTP Strict Transport Security allows a site to request that it always be contacted over HTTPS. HSTS is supported in Google Chrome, Firefox, Safari, Opera, Edge and IE (caniuse.com has a compatibility matrix). The issue that HSTS addresses is that users tend to type http:// at best, and omit the scheme entirely most of the time. In the latter case, browsers will insert http:// for them. However, H
Cross-Origin Read Blocking for Web Developers
Cross-Origin Read Blocking (CORB) is a new web platform security feature that helps mitigate the threat of side-channel attacks (including Spectre). It is designed to prevent the browser from delivering certain cross-origin network responses to a web page, when they might contain sensitive information and are not needed for existing web features. For example, it will block a cross-origin text/html
Flash Roadmap
Developer Recommendations Ultimately we recommend migrating towards HTML5 content, however for sites that still require Flash Player in the interim we recommend presenting users with a link/ image to "Enable" Flash Player that points to "https://get.adobe.com/flashplayer/." When users click on that link Chrome will present the necessary UI to enable Flash Player for the site. It will look somethin
Mitigating Side-Channel Attacks
At the beginning of 2018, researchers from Google's Project Zero disclosed a series of new attack techniques against speculative execution optimizations used by modern CPUs. Security researchers will continue to find new variations of these and other side-channel attacks. Such techniques have implications for products and services that execute third-party code, including Chrome and other browsers
Site Isolation
Overview Site Isolation is a security feature in Chrome that offers additional protection against some types of security bugs. It uses Chrome's sandbox to make it harder for untrustworthy websites to access or steal information from your accounts on other websites. Websites are typically not allowed to access each other's data inside the browser, thanks to code that enforces the Same Origin Policy
Network Portal Detection
Shill, the connection manager for Chromium OS, attempts to detect services that are within a captive portal whenever a service transitions to the ready state. This determination of being in a captive portal or being online is done by attempting to retrieve the webpage http://clients3.google.com/generate_204. This well known URL is known to return an empty page with an HTTP status 204. If for any r
Core Principles
These are the things that are important to us: these principles shape the product that we build. Note that the examples given are meant to be illustrative rather than exhaustive. Speed Our objective is to make the fastest browser - and we tackle this in a number of ways. Because the speed of rich web applications is important to us, we develop our own JavaScript engine, called V8. Because the spee
Site Engagement
The Site Engagement Service provides information about how engaged a user is with a site. The primary signal is the amount of active time the user spends on the site but various other signals may be incorporated (e.g whether a site is added to the homescreen). What is a site? Site is an inexact term. For the purposes of site engagement, we’ll be treating origins as sites. What is engagement? Engag
Flash Usage Trends
Volume [<img alt="image" src="/flash-roadmap/flash-usage-trends/Flash%20Volume%20-%20Update%20July%209.png">](/flash-roadmap/flash-usage-trends/Flash%20Volume%20-%20Update%20July%209.png) Absolute volume of Flash Impressions (on Chrome Stable for Windows and MacOS) Percent of Daily Actives Percent of users who have encountered at least one page w/ Flash Player content in a day (on Chrome Stable fo
Site Isolation Design Document
This design document covers technical information about how Site Isolation is built. For a general overview of Site Isolation, see https://www.chromium.org/Home/chromium-security/site-isolation. Motivation Chrome's multi-process architecture provides many benefits for speed, stability, and security. It allows web pages in unrelated tabs to run in parallel, and it allows users to continue using the
Dev-Install: Installing Developer and Test packages onto a Chrome OS device
Overview For developers of Chromium OS there are many helpful packages included as part of developer and test images that are not included as part of Chrome OS. Bootstrapping and getting these back into the system can be very difficult without re-imaging the entire device. Ideally, you'd be able to get these packages back but still auto-update the rest of the system. Dev-install solves this use ca
Print Preview
Status: Draft as of 2010/10/14. Objective A feature in Chrome to let users see their printer output before sending it to the printer. Background Web pages are generally designed to be displayed on a computer screen and are not always optimized for printing. When a web page gets printed, the browser has to reformat the page to fit the physical constraints of the paper media. The web page printed to
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
IDN in Google Chrome
Debugging problems with the network proxy
Meltdown/Spectre vulnerability status for Chrome OS devices - The Chromium Projects
Certificate Transparency
https://www.chromium.org/chromium-os/developer-guide/chromium-os-sandboxing/
PNaCl
https://www.chromium.org/chromium-os/developer-information-for-chrome-os-devices/