Windows,Tutoriels, Informatique

Les Infos du Geek - Windows, tutoriels, Informatique



Google Chrome 61 est disponible

Publié le Publié dans Actualité de Windows 10, Articles, Les News, Logiciels

Google Chrome 61 est disponible en téléchargement




Google vient de sortir la version stable de Google Chrome 61, pour Windows, macOS et Linux.
Cette version prend en charge les modules JavaScript via la valeur:


<script type=module>



Les développeurs profitent ainsi d’une prise en charge des modules JavaScipt en natif.
le moteur JavaScript V8 du navigateur passe en version 6.1 avec plusieurs améliorations.
L’API Network Information est désormais disponible sur la version bureau de Chrome de même que sur Android,
permettant aux sites d’accéder aux informations de connexion sous-jacentes d’un périphérique.
Cette API pourra également partager du contenu avec les applications Web installées.


Google-Chrome 61 mobile


Nouvelles API
l’API Device RAM, celle-çi s’adresse aux développeurs, elle permet d’informer un site Web sur la quantité de RAM disponible sur la machine.
L’autre API, la WesUSB, afin de permettre à un service Web d’accéder à une ressource du l’appareil, un périphérique USB.
L’API Payement Request déjà proposée sur la version Android de Chrome est maintenant disponible pour la version PC.



Google Chrome 61



Security fixes


[$5000][737023] High CVE-2017-5111: Use after free in PDFium. Reported by Luật Nguyễn (@l4wio) of KeenLab, Tencent on 2017-06-27
[$5000][740603] High CVE-2017-5112: Heap buffer overflow in WebGL. Reported by Tobias Klein ( on 2017-07-10
[$5000][747043] High CVE-2017-5113: Heap buffer overflow in Skia. Reported by Anonymous on 2017-07-20
[$3500][752829] High CVE-2017-5114: Memory lifecycle issue in PDFium. Reported by Ke Liu of Tencent’s Xuanwu LAB on 2017-08-07
[$3000][744584] High CVE-2017-5115: Type confusion in V8. Reported by Marco Giovannini on 2017-07-17
[$TBD][759624] High CVE-2017-5116: Type confusion in V8. Reported by Anonymous on 2017-08-28
[$1000][739190] Medium CVE-2017-5117: Use of uninitialized value in Skia. Reported by Tobias Klein ( on 2017-07-04
[$1000][747847] Medium CVE-2017-5118: Bypass of Content Security Policy in Blink. Reported by WenXu Wu of Tencent’s Xuanwu Lab on 2017-07-24
[$N/A][725127] Medium CVE-2017-5119: Use of uninitialized value in Skia. Reported by Anonymous on 2017-05-22
[$N/A][718676] Low CVE-2017-5120: Potential HTTPS downgrade during redirect navigation. Reported by Xiaoyin Liu (@general_nfs) on 2017-05-05


Other features & improvements


The Network Information API is now available on desktop as well as Android, enabling sites to access the underlying connection information of a device.
Developers can now specify scrolling smoothness via a new optional parameter in existing Scroll APIs or with the scroll-behavior CSS property.
The CSSOM View Smooth Scroll API brings native smooth scrolling to the platform through a the scroll-behavior: smooth CSS property or by using the window.scrollTo() DOM scroll method, eliminating the need to implement this behavior with JavaScript
CSS color values can now be 8- and 4-digit hex colors of the format #RRGGBBAA and #RGBA.
Sites can now access the relative positions of the screen content with the Visual Viewport API, exposing complex functionality like pinch-and-zoom in a more direct way.
The Device RAM API is now available, exposing the amount of RAM on a user’s device to sites to optimize overall performance of a web application.
When navigating from an installed web app to a site outside the initial web app’s scope, the new site now automatically loads in a Custom Chrome Tab.
For video using native controls, Chrome will now automatically expand video to fullscreen when a user rotates their device in an orientation that matches a video playing on the screen.
nextHopProtocol is now available in Resource Timing and Navigation Timing, providing access to the network protocol used to fetch a resource.
Sites can now require embedded third-party content to enforce a given Content Security Policy via the new csp attribute on iframe elements.
The DOMTokenList interface now supports replace() to easily change all identical tokens to a new one, such as active to inactive on expiration.
To access a list of attribute names of an element, getAttributeNames() is now supported and gives developers a more direct mechanism than going through the attributes collection.
To increase security, sites will now automatically exit full screen if a JavaScript dialog opens.
Sites can now access an estimate for the disk space used by a given origin and quota in bytes via the Storage API’s new function.
To improve the browser’s cache hit rate, URLSearchParams now supports sort() to list all stored name-value pairs.
The URLSearchParams constructor has been updated to accept any object as a parameter instead of only other URLSearchParams instances.
To prevent the use of mis-issued certificates from going unnoticed, sites can use the new Expect-CTHTTP header which will enable automated reporting and/or enforcement of Certificate Transparency requirements.
Chrome will no longer decode frames for videos using Media Source in background tabs.
« Non-Live » camera settings such as photo resolution, red eye reduction, and flash mode can now be retrieved with ImageCapture.getPhotoSettings().
Sites can now use the Clear-Site-Data header to delete their own client-side data, such as cookies, service workers, storage, and cache entries.
Deprecations and interoperability improvements
To increase security, resources with URLs containing both \n and < characters will now be blocked.
To increase security, support for the Presentation API’s start function has been deprecated and removed for insecure contexts.
To align with the spec and preserve browser consistency, the scrollingElement is now thedocumentElement in standards mode.
To increase consistency across on attributes, onwheel attributes have been moved from Element to Window, Document, HTMLElement, and SVGElement.
To better follow spec and provide more granular control over the flow of referred content, Chrome now supports three new Referrer Policy values, same-origin, strict-origin, and strict-origin-when-cross-origin.
Following the change in spec, the maximum value for colSpan has been decreased from 8190 to


Nouveautés dans Google Chrome 61 >>  Google Chrome 61/nic61

Blog >> Blog Chrome