Google Chrome 13

Chrome Extensions: Now with more powerful scripts and improved proxy management.

Submitted by admin on Wed, 07/13/2011 - 11:26

In Chrome 13, we added some new capabilities to content scripts and proxy management.

First, you can now make cross-origin XMLHttpRequest calls with the privileges of the extension directly from your content script. You will no longer need to relay these requests through a background page; this should simplify your code. In some cases, it may even eliminate your need to use a background page. Here’s a  which demonstrates the old way a content script could make a cross domain request. As you can see, the extension required a background page to route the cross-origin calls through a chrome.extension.onRequest listener. Using the new content script cross-origin capabilities, we were able to successfully rewrite the extension to completely eliminate the background page requirement. This reduces the memory required to run the extension, and reduces code complexity as well. This also means that Greasemonkey scripts that use GM_xmlhttpRequest - such as the classic Book Burro - will now work in Chrome.

Second, we improved how  work. Until this release you could specify a matches array for your content script - the URLs over which it should operate. In Chrome 13 you can now also specify an exclude_matches array, where you can indicate the pages in which your content scripts should not work. This should allow more precise targeting of your content script.

Finally, we added support for the @run-at command for imported Greasemonkey scripts, so you can control when your script is loaded in the same way you’ve been able to do for content scripts. Running scripts at different points in a page's lifecycle can enable additional functionality. For example, we've written a script which runs at "document-start" and lists all of the HTTP resources included in the current page.

In addition to these improvements to scripts, we’ve been working hard to allow extensions to manage Chrome’s proxy settings using different configuration options. With the , you can now configure proxy settings by choosing from several options including auto detection, the host OS’s system default, PAC scripts or fixed .

These new configuration options allow for more fine grained proxy controls, which we invite you to try out. There are already several 3rd party extensions available in the Chrome Web Store that showcase the API and its new capabilities, including  and . 

Let us know what you think of these new features and what else you might like to see us do by joining the discussion at .

Using Cross-domain images in WebGL and Chrome 13

Submitted by admin on Wed, 07/06/2011 - 16:15

A few weeks ago, we became aware of a security issue with WebGL: shaders could be used to indirectly deduce the contents of textures uploaded to the GRU. As a result, the WebGL specification was updated to be more restrictive when it comes to using cross-domain images and videos as WebGL textures.

As a result, Chrome 13 (and Firefox 5) will no longer allow cross-domain media as a WebGL texture. The default behavior will be a DOM_SECURITY_ERR. However, applications may still utilize images and videos from another domain with the cooperation of the server hosting the media, otherwise known as CORS.

CORS support for MediaElements has also been fully implemented in WebKit by setting a new .crossOrigin attribute. This means that sophisticated applications that were using cross-origin textures before, can continue to do so, assuming the hosting image server grants the necessary cross-origin permission using CORS. If you want to enable CORS request on an image, all you have to do is add one line of code:

var img = document.createElement('img');
img.onload = function(e) { … };
img.crossOrigin = ''; // no credentials flag. Same as img.crossOrigin='anonymous'
img.src = 'http://other-domain.com/image.jpg';

Another nice property that we gain from this new setting is the ability to read cross-domain image data set on a 2D canvas. Normally, filling a canvas with a remote image (e.g. ctx.drawImage()) flips the origin-clean flag to false. Attempting to read back the pixels using ctx.toDataURL() or ctx.getImageData() throws a SECURITY_ERR. This is to prevent information leakage. However, when .crossOrigin is set (and the remote server supports CORS), the read is possible. For example:

var img = document.createElement('img');
img.onload = function(e) {
ctx.drawImage(img, 0, 0, canvas.width, canvas.height);
var url = canvas.toDataURL(); // Read succeeds, canvas won't be dirty.
};
img.crossOrigin = '';
img.src = 'http://other-domain.com/image.jpg';

Unfortunately, this new restriction in WebGL means that some existing content will break. We’ve already started working with external image and video hosting services like Flickr to evangelize the use of CORS on their images.

You can test this new behavior today using images from Picasa, which already sends a CORS header allowing cross-origin requests, and the Chrome dev channel.

Google Chrome 13 Hits Dev Channels; Adds Background Apps Support, Multiple Profiles and More

Submitted by admin on Wed, 05/18/2011 - 12:27


Google has just released Google Chrome 13 to the dev channel and it has a lot of new features which include a working version of Multiple Profile switcher, experimental new tab page and tab grouping. Additionally, Google Chrome 13 also adds a new feature called Compact Navigation and the ability to restrict Google Instant to search.

The new development version also adds an option to enable the Web Audio API and an option to allow "Background Apps" to continue running even when Chrome is shut down.

Background Apps are Google Chrome Apps  which provide users with functionality that quietly runs in the background without intrusion. Background Apps could be apps that regularly check your email or account and notify you of new updates. The new feature in Google Chrome 13 will allow apps to continue running.

The new "Background Apps" feature is enabled by default, you can disable it by going to "Options -> Under The Hood" and deselect the checkbox next to "Continue running background apps when Google Chrome is closed".

Google Chrome Multiple Profiles

Google Chrome 13 also features a working version of the profile switcher which allows users to use different profiles for different Chrome windows. This will allow users to work with different profiles without having to keep logging in and out. Google Chrome 13 also has the latest Flash player – Version 10.3.181.14.

Google Chrome New Tab Page

Google has been working on the experimental new tab page for a while and it looks like things are finally taking shape in Google Chrome 13. When you enable the feature from about:flags, you will see a new tab page which now lists most visited sites and apps in tabs. It also has additional tabs but they don’t have any content. The new tab feature could allow users to create customizable tabs where they can list out different apps, however, there is no option to customize them right now.

Chrome Hide Toolbar

Google Chrome 13 also has an option to hide the toolbar which can be done by right click on a tab an selecting "Hide the toolbar" from the menu options. Using this option hides the Omnibox and extension icons. I would prefer to have a keyboard shortcut to enable and disable this feature.  You will need to visit the about:flags page and enable the "Compact Navigation" feature to get this option.

Finally, Google Chrome 13 also adds a new option to restrict Google Instant to only searches. Prior to that, Google Instant would kick in even when you load any webpage. This could get annoying and a feature to disable it is a great addition. You will have to enable this feature in about:flags too.

Overall, it looks like Google Chrome 13 is shaping out really well. Some of the features like multiple profiles and new tab page are really exciting. Hopefully, these changes should hit the beta and stable channels soon.

Google Chrome 13 Hits Canary Build; Stable Version Bumped to Chrome 11

Submitted by admin on Wed, 04/27/2011 - 11:27


Google has just released Google Chrome 11 to the stable version of the browser for Windows, Mac OS X and Linux. In addition to that the Canary build is now Google Chrome 13. Google Chrome development version has also been updated with the new Profile Switcher feature.

google_chrome_13

Google Chrome 11 includes several enhancements including speech input through HTML which allows users to speak text and then insert them into HTML forms. The Chrome Blog has a detailed article on how this works with Google Translate.

In addition to that, Google has also update the development version of the browser to include the new Profile Switcher feature which will allow users to create and switch between multiple sync profiles for different windows. However, the feature is still being developed and does not allow you to create multiple profiles.

The Canary build of Google Chrome has also been bumped to Google Chrome 13 (v13.0.747.0). Both the development and Canary features look identical which means that most of the changes are under the hood.

Tab Grouping Google Chrome

Some of the visible changes in the development and Canary build include "Tab Grouping", focus existing tab on open and the experimental new tab page which still seems to be experimental. Google Chrome 13 might be shipped to the development version after the Multiple Profile features is fully functional.