The newest Chrome 56 on the beta channel for Android, Chrome OS, Linux, Mac, and Windows — brings "Not Secure" warning, Web Bluetooth, and a support to a new CSS position "sticky."
To help browse web safely, Chrome will now mark HTTP pages that collect password and credit card as "Not Secure" warning appearing in the URL bar for a site with an HTTP connection. This warining as Google describes "is a part of a long-term plan to mark all HTTP sites as non-secure."
To avoid being labeled insecure, Google advises sites to secure their traffic with HTTPS with general security guidelines. The feature will roll out gradually over the next few weeks.
Also, Web Bluetooth when combined with Physical Web beacons can discover and control nearby devices. Check out these samples and demos on GitHub to get started. An Android device connecting to a BLE-enabled heart rate monitor via the web (source)
Chrome also now supporting a new way to position CSS elements with "sticky", which is "a relatively-positioned element," but becomes "position: fixed after the user reaches a certain scroll position."
Previously, "building content headers that scrolled normally until sticking to the top of the viewport required listening to scroll events and switching an element's position from relative to fixed at a specified threshold. Now, users can achieve the desired effect by simply positioning their elements as sticky," google said.
See the changelog under to see all other features included in this release:
- Remote Playback API on Android enables sites to initiate and control playback of an HTMLMediaElement on smart TVs and speakers.
- WebVR API trial on Android allowing developers to create virtual reality experiences on the web.
- WebGL 2.0 API enabled by default on desktop platforms, providing OpenGL ES 3.0 level rendering capabilities via the <canvas> element.
- Support for Adobe Flash will no longer be advertised in navigator.plugins and navigator.mimetypes if the user has not substantially interacted with a site, though users can re-enable Flash experiences on a per-site basis.
- Sites can now experiment with taking photos and configuring camera settings like zoom using the Image Capture origin trial.
- When content changes above the viewport, Chrome now automatically adjusts the scroll position to keep content in the viewport fixed unless the CSS overflow-anchor property is set.
- Notifications API now allows sites to include an image in notifications by setting the image property.
- PaymentRequest API has a variety of new features including requestPayerName and JSON serialization.
- Showing and hiding the URL bar on mobile no longer resizes the initial containing block or elements sized with viewport units such as vh.
- Text input elements such as <input type="text"> now have spell-checking enabled by default on Android devices with at least 512 MB of memory and a system dictionary.
- generic font family used to fit content within the UI has been standardized and renamed as system-ui on all platforms.
- new Referrer-Policy HTTP header allows sites to forward site traffic by URL without leaking the user's session identifier or other private information.
- KeyboardEvent.isComposing() allows sites to determine if the user is typing based on recent KeyboardEvents, without monitoring keyboard events directly.
- Chrome for Android now sets the default preload attribute for videos to metadata on cellular connections, showing a preview image and time information to match other mobile browsers.
- Chrome now supports TLS 1.3 and includes 1-RTT based on draft-18.
- Sites can use ImageBitmapRenderingContext to reduce memory consumption and compositing overhead by rendering pixel data in the form of an ImageBitmap.
- Sites can respond to pinch gestures using the pinch-zoom CSS touch-action property.
- ConstantSourceNode is a new audio source node that produces a constant output mixed with an AudioParam.
- Web Audio ChannelSplitterNode Interface has two new read-only attributes: channelCount, which is defined by numberOfOutputs in createChannelSplitter().
- PannerNode.rolloffFactor now clamps to the nominal range of a PannerNode's distance model to describe the volume reduction rate as the source moves away from the listener.
- window.prompt() will no longer focus its parent tab if the page is not currently in the foreground.
- match behavior on Windows, Chrome Extensions can now override default search, startup, and homepage settings on Mac with the Chrome Settings Overrides API.
Update 12/10: Chrome 55 Stable channel in the next few days will be rolling out plan HTML5 by Default to offer a safer, more power-efficient experience.
With this change, Adobe Flash Player disables, and starting in January, "users will be prompted to run Flash on a site-by-site basis," and eventually by October, all websites will require user's permission to run Flash. Google notes that over time they'll tighten this restriction using Site Engagement Index, "a heuristic for how much a user interacts with a site based on their browsing activity."
"HTML5 By Default will be enabled for 1% of users of Chrome 55 Stable in the next few days," Google said. The feature is also enabled for 50% of Chrome 56 beta users, and will Google notes, that in "Februray it'll be enable to all users with Chrome 56 stable."