A new default Referrer-Policy for Chrome: strict-origin-when-cross-origin
Starting in 85, Chrome plans to switch its default referrer policy from no-referrer-when-downgrade to the more privacy-preserving strict-origin-when-cross-origin.
New in Chrome 70
Chrome 70 adds support for Desktop Progressive Web Apps on Windows and Linux, support for Public Key Credentials to the Credential Management API, allows you to provide a name
to dedicated workers
and plenty more. Let’s dive in and see what’s new for developers in Chrome 70!
chrome70
new-in-chrome
progressive-web-apps
desktop
credentials
security
workers
Site Isolation for web developers
Chrome 67 on desktop has a new feature called Site Isolation enabled by default. This article explains what Site Isolation is all about, why it’s necessary, and why web developers should be aware of it.
Meltdown/Spectre
Implications for Web Developers and Chrome’s mitigations.
Avoiding the Not Secure Warning in Chrome
Chrome will soon mark non-secure pages containing password and credit card input fields as Not Secure in the URL bar. This document is intended to aid Web Developers in updating their sites to avoid this warning.
Capture a MediaStream From a Canvas, Video or Audio Element
The captureStream()
method makes it possible to capture a MediaStream from a canvas, video or audio element.
canvas
chrome53
gif
media
security
webrtc
Muted Autoplay on Mobile: Say Goodbye to Canvas Hacks and Animated GIFs!
Muted autoplay for video is supported on Android from Chrome 53. Previously, a video element required a user gesture to initiate playback.
canvas
chrome53
gif
media
security
webrtc
ECDSA for WebRTC: Better Security, Better Privacy and Better Performance
From version 52, Chrome uses ECDSA by default — a much more efficient and secure algorithm for WebRTC certificate key generation. In addition, RTCCertificates can now be stored with IndexedDB.
chrome52
media
security
webrtc
Rolling out Public Key Pinning with HPKP Reporting
Chrome 46 ships with a feature called HPKP reporting, which can help you roll out a stricter form of SSL for your site.