Chrome on macOS starts supporting passkeys on iCloud Keychain. This lets users create passkeys on iCloud Keychain and synchronize them across Apple devices.
Chrome 116 ships new FedCM capabilities such as Login Hint API, User Info API, and RP Context API, and starts an origin trial for IdP Sign-In Status API.
In Chrome 115, FedCM supports mediation requirements from Credential Management API which enables users to reauthenticate to the RP in a more streamlined manner after the initial consent.
Introducing a few updates to FedCM including a new origin trial for auto-reauthentication. When RPs opt-in, this feature enables reauthenticaticating users automatically when they come back after their initial authentication using FedCM.
WebAuthn conditional UI leverages browser's form autofill functionality to let users sign in with a passkey seamlessly in the traditional password based flow.
The `canmakepayment` service worker event in the Payment Handler API lets the merchant know whether the user has a card on file in an installed payment app. Chrome is removing properties attached to the event.
Chrome is deprecating access to private network endpoints from non-secure public websites as part of the Private Network Access specification. Read on for recommended actions.
`Cross-Origin-Embedder-Policy: credentialless` will be on origin trial starting Chrome 93. This new value allows web pages to enable cross-origin isolation without requiring cross-origin resources to respond with a `CORP: cross-origin` header by sending credentialless requests.
SharedArrayBuffer will arrive in Android Chrome 88. It will only be available to pages that are cross-origin isolated. Starting in Desktop Chrome 92 it will also only be available to cross-origin isolated pages. You can register for an origin trial to retain the current behavior until Desktop Chrome 113.
Unintentional exposure of devices and servers on a client’s internal network to the web at large makes them vulnerable to malicious attacks. CORS-RFC1918 is a proposal to block requests from public networks by default on the browser and require internal devices to opt-in to such requests.
In Chrome 56 and 57, there are a few changes to the Payment Request API following the spec changes. Learn what they are and make changes to your own implementations.
To provide a sophisticated user experience, it's important to help users authenticate themselves to your website. But creating, remembering and typing passwords tends to be cumbersome for end users, especially on mobile
By using `datalist`, your app can define a list of suggested results users should select from. They can either select an option from the list or enter freeform text.
The WebSocket protocol specification has recently been updated to solve previous security concerns and is largely stable
This site uses cookies to deliver and enhance the quality of its services and to analyze traffic. If you agree, cookies are also used to serve advertising and to personalize the content and advertisements that you see. Learn more about our use of cookies.