Fundamentals Tools Updates Case Studies
Featured By Year By Tag
Can’t make the #ChromeDevSummit this year? Catch all the content (and more!) on the livestream, or join your peers for a CDS Extended event at a hosted location nearby. To learn more, check out the Chrome Dev Summit 2019 website.

All Updates tagged: security

Trusted Types help prevent Cross-Site Scripting

Trusted Types is a new experimental API available in Chrome that helps prevent DOM-Based Cross-Site Scripting in your applications.

local_offer news security trusted-types origintrials chrome73

Read article

New in Chrome 70

Chrome 70 adds support for Desktop Progressive Web Apps on Windows and Linux, support for Public Key Credentials to the Credential Management API, allows you to provide a name to dedicated workers and plenty more. Let’s dive in and see what’s new for developers in Chrome 70!

local_offer chrome70 new-in-chrome progressive-web-apps desktop credentials security workers

Read article

Site Isolation for web developers

Chrome 67 on desktop has a new feature called Site Isolation enabled by default. This article explains what Site Isolation is all about, why it’s necessary, and why web developers should be aware of it.

local_offer security

Read article

Meltdown/Spectre

Implications for Web Developers and Chrome’s mitigations.

local_offer security

Read article

Avoiding the Not Secure Warning in Chrome

Chrome will soon mark non-secure pages containing password and credit card input fields as Not Secure in the URL bar. This document is intended to aid Web Developers in updating their sites to avoid this warning.

local_offer chrome56 security autofill

Read article

Capture a MediaStream From a Canvas, Video or Audio Element

The captureStream() method makes it possible to capture a MediaStream from a canvas, video or audio element.

local_offer canvas chrome53 gif media security webrtc

Read article

Muted Autoplay on Mobile: Say Goodbye to Canvas Hacks and Animated GIFs!

Muted autoplay for video is supported on Android from Chrome 53. Previously, a video element required a user gesture to initiate playback.

local_offer canvas chrome53 gif media security webrtc

Read article

ECDSA for WebRTC: Better Security, Better Privacy and Better Performance

From version 52, Chrome uses ECDSA by default — a much more efficient and secure algorithm for WebRTC certificate key generation. In addition, RTCCertificates can now be stored with IndexedDB.

local_offer chrome52 media security webrtc

Read article

Rolling out Public Key Pinning with HPKP Reporting

Chrome 46 ships with a feature called HPKP reporting, which can help you roll out a stricter form of SSL for your site.

local_offer news security hpkp

Read article

Content Security Policy 1.0 is officially awesome.

local_offer news content-security-policy security

Read article

Subscribe