Google today launched Chrome 74 for Windows, Mac, Linux, Android, and iOS. The release includes support for dark mode in Windows, a reduced motion media query, private class fields, feature policy improvements, and more developer features. You can update to the latest version now using Chrome’s built-in updater or download it directly from google.com/chrome.

With over 1 billion users, Chrome is both a browser and a major platform that web developers must consider. In fact, with Chrome’s regular additions and changes, developers often have to stay on top of everything available — as well as what has been deprecated or removed — most notably, Chrome 74 removes popups during page unload.

Dark Mode

Chrome 73 introduced dark mode for Mac users, and Chrome 74 was supposed to do the same for Windows users. For whatever reason, the functionality is rolling out gradually, even though the support page is live.

Since Chrome is just piggy-backing off the visual look of each operating system, there is no option to turn on dark mode per se. To get dark mode in Chrome, you’ll have to simply enable dark mode on macOS or change your default app mode to dark on Windows.

Reducing motion sickness

Motion sickness in the browser is a real thing. Android provides an accessibility option to reduce motion whenever possible, as shown above in the “remove animations” setting. Chrome is now taking that a step further so websites can limit motion sickness when users are viewing parallax scrolling, zooming, and other motion effects.

Chrome 74 introduces prefers-reduced-motion (part of Media Queries Level 5) that allows websites to honor when an operating system is set to limit motion effects. This might not seem like a big deal today, but it could be very useful if websites start abusing motion effects.

Android and iOS

Chrome 74 for Android is rolling out slowly on Google Play. There is only one bullet point in the changelog: “Translate any web page instantly by selecting Translate from the menu.” Aside from that, version 74 includes stability and performance improvements and renames Data Saver as Lite Mode. In related news, Google also killed off the Data Saver extension.

Chrome 74 for iOS is also rolling out slowly on Apple’s App Store.

Security fixes

Chrome 74 implements 39 security fixes. The following were found by external researchers:

  • [$3000][913320] High CVE-2019-5805: Use after free in PDFium. Reported by Anonymous on 2018-12-10
  • [$3000][943087] High CVE-2019-5806: Integer overflow in Angle. Reported by Wen Xu of SSLab, Georgia Tech on 2019-03-18
  • [$3000][945644] High CVE-2019-5807: Memory corruption in V8. Reported by TimGMichaud of Leviathan Security Group. on 2019-03-26
  • [$3000][947029] High CVE-2019-5808: Use after free in Blink. Reported by cloudfuzzer on 2019-03-28
  • [$N/A][941008] High CVE-2019-5809: Use after free in Blink. Reported by Mark Brand of Google Project Zero on 2019-03-12
  • [$2000+$1,337][916838] Medium CVE-2019-5810: User information disclosure in Autofill. Reported by Mark Amery on 2018-12-20
  • [$2000][771815] Medium CVE-2019-5811: CORS bypass in Blink. Reported by Jun Kokatsu (@shhnjk) on 2017-10-04
  • [$2000][925598] Medium CVE-2019-5812: URL spoof in Omnibox on iOS. Reported by Khalil Zhani on 2019-01-26
  • [$2000][942699] Medium CVE-2019-5813: Out of bounds read in V8. Reported by Aleksandar Nikolic of Cisco Talos on 2019-03-15
  • [$1000][930057] Medium CVE-2019-5814: CORS bypass in Blink. Reported by @AaylaSecura1138 on 2019-02-08
  • [$1000][930663] Medium CVE-2019-5815: Heap buffer overflow in Blink. Reported by Nicolas GrĂ©goire, Agarri on 2019-02-11
  • [$1000][940245] Medium CVE-2019-5816: Exploit persistence extension on Android. Reported by Yongke Wang of Tencent’s Xuanwu Lab (xlab.tencent.com) on 2019-03-10
  • [$1000][943709] Medium CVE-2019-5817: Heap buffer overflow in Angle on Windows. Reported by Wen Xu of SSLab, Georgia Tech on 2019-03-19
  • [$500][929962] Medium CVE-2019-5818: Uninitialized value in media reader. Reported by Adrian Tolbaru on 2019-02-08
  • [$N/A][919356] Medium CVE-2019-5819: Incorrect escaping in developer tools. Reported by Svyat Mitin on 2019-01-06
  • [$N/A][919635] Medium CVE-2019-5820: Integer overflow in PDFium. Reported by pdknsk on 2019-01-07
  • [$N/A][919640] Medium CVE-2019-5821: Integer overflow in PDFium. Reported by pdknsk on 2019-01-07
  • [$500][926105] Low CVE-2019-5822: CORS bypass in download manager. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2019-01-29
  • [$500][930154] Low CVE-2019-5823: Forced navigation from service worker. Reported by David Erceg on 2019-02-08
  • [955186] Various fixes from internal audits, fuzzing and other initiatives

Google thus spent at least $26,837 in bug bounties for this release, or double last month’s spending. As always, the security fixes alone should be enough incentive for you to upgrade.

Developer features

Chrome 72 introduced ECMAScript’s public class fields, which simplify class syntax by avoiding the need for constructor functions just to define instance properties. Chrome 74 lets you mark a field as private (just prepend the field with a #) and no consumer of the class can ever access its value. As with public class fields, your properties do not need to be in a constructor. Unlike public fields, private fields are not accessible outside of the class body.

Chrome 60 introduced feature policies so websites can selectively enable, disable, and modify the behavior of APIs and other web features through the Feature-Policy header or through the allow attribute on an iframe. Chrome 74 enhances feature policies with a JavaScript API, available from document.featurePolicy and frame.featurePolicy, via three functions:

  • allowedFeatures() returns a list of features allowed by the current domain.
  • allowsFeature() returns a boolean indicating whether a specific feature is allowed by either the current domain or by the specified domain.
  • getAllowlistForFeature() returns a list of domains used on the current page that allow a specified feature.

Chrome 74 also updates the V8 JavaScript engine to version 7.4. It includes JIT-less V8, WebAssembly Threads/Atomics, better performance, memory improvements, and new JavaScript language features. Check out the full changelog for more information.

Other developer features in this release include:

  • sampleRate option for the AudioContext constructor: Sets the “sampleRate” to a particular value for an AudioContext that will be created. This allows developers to set an arbitrary sample rate for audio processing in Web Audio API that is separate from the hardware rate. Use this to reduce complexity (by using a lower sample rate) or make the sample rate consistent across all devices by using a fixed rate and letting WebAudio resample appropriately for the hardware rate.
  • Intl.Locale: Chrome now supports the Intl.Locale class, which allows parsing and manipulating the language, region, and script of a locale; reading or writing the Unicode extension tags in a locale; storing user locale preferences for this API in a serializable, standard format (rather than using a combination of language and the options object).
  • Signed exchange reporting for distributors: Signed Exchange Reporting for distributors extends Network Error Logging to enable the distributors of signed exchanges to investigate signed exchange loading errors, such as certificate verification errors.
  • TextEncoder encodeInto() method: Chrome now supports TextEncoder.prototype.encodeInto(), which allows an encoded string to be written directly “into” a supplied pre-allocated buffer, offering a performant alternative to using encode() to produce a buffer and copying its contents into an existing buffer.
  • Service worker: client.postMessage() is buffered until the document is ready. To prevent messages from being delivered before the destination is ready, client.postMessage() does not dispatch the message until one of the following has occurred on the destination: DOMContentLoaded event is fired, onmessage is set, or startMessages() is called.
  • CSS transition events: The CSS Transitions specification requires that transition events are sent when a transition is enqueued, starts, ends, or is canceled as transitionrun, transitionstart, transitionend, and transitioncancel, respectively. These events mirror the CSS animation events that allow developers to observe CSS animations. Chrome now follows the specification.
  • RTCIceCandidate and RTCIceCandidateInit now comply with the specification. The RTCIceCandidate interface describes an ICE candidate in WebRTC. It is available in Chrome, but it is not spec compliant as it is missing some fields. There are also some deviations from the specification in terms of nullable and read-only attributes and errors thrown by the constructor.
  • XHR falls back to UTF-8 when invalid encoding is specified: When an invalid encoding is specified for an XMLHttpRequest (via overrideMimeType() or the response’s MIME type), UTF-8 is used in conformance with the specification. Previously, Latin-1 was used.

For a full rundown of what’s new, check out the Chrome 74 milestone hotlist.

Google releases a new version of its browser every six weeks or so. Chrome 75 will arrive by early June.