ep50 Monthly Web 201903
- published_at
- 2019-03-30
- guest
- @myakura
- toc
-
headings
Theme
第 50 回のテーマは 2019 年 03 月の Monthly Web です。
Show Note
Chrome 動向
- Stable: 73.0
-
Updates
-
New in Chrome 73
- https://developers.google.com/web/updates/2019/03/nic73
- Progressive Web Apps work everywhere (macOS)
- Signed HTTP exchanges.
- Constructable Style Sheets.
-
What's New In DevTools (Chrome 74)
- https://developers.google.com/web/updates/2019/03/devtools
- Highlight all nodes affected by CSS property
- Lighthouse v4 in the Audits panel
- WebSocket binary message viewer
- Capture area screenshot in the Command Menu
- Service worker filters in the Network panel
- Performance panel updates
- Long tasks in Performance recordings
- First Paint in the Timings section
- New DOM tutorial
-
KV Storage: the Web's First Built-in Module
- https://developers.google.com/web/updates/2019/03/kv-storage
- AsyncLocalStorage が KV Storage になった
- Built-in で
'std:kv-storage'に - import-map で polyfill にフォールバック可能になった
- Move Ya! Or maybe, don't, if the user prefers-reduced-motion!
- https://developers.google.com/web/updates/2019/03/prefers-reduced-motion
- prefers-reduces-motion
-
Chromium Blog: Chrome Lite Pages - For a faster, leaner loading experience
- https://blog.chromium.org/2019/03/chrome-lite-pages-for-faster-leaner.html
- data-saver を利用していると Google のサーバで最適化されたページが表示される
-
Introducing JsDbg - Browser-based debugging extensions for Chromium
- https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/6zhD3VuHi8s/pS4UkiKoCQAJ
- https://github.com/MicrosoftEdge/JsDbg
- DOM tree や AOM Tree まで触れるデバッガ
- Web 技術(HTML/CSS/JS) で作られている
- 今は Windows のみで、 WinDbg や VS debugger で使える
- 他の OS や他のデバッガ(GDB)などは future work
- BlinkOn 10 で話すらしい
-
Chromium Blog: Chrome 74 beta: reducing unwanted motion, private class fields, and feature policy API
- https://blog.chromium.org/2019/03/chrome-74-beta-reducing-unwanted-motion.html
- prefers-reduced-motion
- Private class fields (blog)
- JavaScript API for feature policy
- sampleRate option for the AudioContext constructor
- Intl.Locale
- Signed exchange reporting for distributors
- TextEncoder encodeInto() method
- Service worker: client.postMessage() is buffered until the document is ready.
- CSS transition events
- RTCIceCandidate and RTCIceCandidateInit
- XHR falls back to UTF-8 when invalid encoding is specified
- Remove Custom Elements v0
- Remove PaymentAddress's languageCode property
- Don't allow popups during page unload
- Deprecate drive-by downloads in sandboxed iframes
-
New in Chrome 73
-
Intents
- Ship: Background Fetch
-
Ship: Feature Policy control over document.domain
- https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/rZOaOONFCNI/4IZTJBYMCAAJ
document.domainに代入するとthrow errorするようになる
- Ship: WebAssembly non-trapping float-to-int conversions
-
Ship: lowLatency canvas contexts (now:
|desynchronized|) - Implement and Ship: Backdrop Filter
- Implement and Ship: ImageCapture support for Pan/Tilt
-
Implement and Ship: HTMLVideoElement.playsInline
- https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/0TJyePKiegs/24w8YsCQCAAJ
- mobile で fullscreen にならないための属性
- iPhone Safari の独自だったもの
-
Implement: line-break: anywhere
- https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/r7PkIqQDvlU/X0aocVo9BQAJ
- 単語の途中などでも任意の Character Unit で折り返しする
-
Implement: Impl threaded scrollbar scrolling
- https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/hwZCeiK4wR8/qZvGvW8WBwAJ
- Scrollbar のスクロールを off the main thread する話
- メインループが混んでてもスクロールができる
- イベントは Queue に貯めといてメインが空いたら上げる
- Implement: Add charLength Attribute to SpeechSynthesisEvent
- Implement outline-color: invert
-
Implement: Subresource prefetching+loading via Signed HTTP Exchange
- https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/zdvJLcditVA/FPuTNAKnCQAJ
- https://docs.google.com/document/d/1tARwhN_yymddnhyGrYmmM8b9RP0RKPKW_6T9yEI5CAg/edit
- AMP Cache から index.html.sxg を取る場合、サブリソースも AMP Cache から取りたい
- でも index.html.sxg の img タグは元の Origin で書かれている
- 署名されているから img タグを AMP Cache の URL に書き換えることもできない
- あらかじめ AMP Cache からとっても良いことを allowed-alt-sxg という meta タグで書いておく
- AMP Cache は index.html.sxg の中身を見てキャッシュにある img を認識しておく
- AMP Cache は index.html.sxg のレスポンスで Link タグに AMP Cache に別の URL で img があるよということを教える
- ブラウザは img を読む時にその AMP Cache 側にリクエストを投げる
- 署名されてるので AMP Cache が勝手に中身を差し替えたりできないし
- HTML を書き換えなくても origin のリクエストを全部 AMP Cache に向けられる
-
Implement: Alternative Text in CSS Generated Content
- https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/xnoMlEorXxw/mZisL9zqBwAJ
- CSS の background-image などで貼った画像に alt をつける
- content タグに書いた文字が alt として扱われる予定
- Safari は別の名前 (
-webkit-altプロパティ) としてサポート済み - 質問した https://github.com/w3ctag/design-reviews/issues/351
- Implement: ElementTiming for text
- Implement: Native Caret Browsing
- Implement: requestPostAnimationFrame
- Remove: overflow: -webkit-paged-x , overflow: -webkit-paged-y
- Deprecate: Prevent download in ad frame without user activation
- Deprecate and Remove: aria-help
- PSA: Layered API/built-in modules experimental flag renamed
- PSA: Fast Flat Tree Traversal enabled on trunk
- Experiment: WebRTC audio relative packet arrival delay statistic
- Experiment: KV storage built-in module + import maps
- Experiment: navigator.scheduling.isInputPending
- Implement and Experiment: Mute in Picture-in-Picture window
- Extend Origin Trial: Background Fetch
- Extend Origin Trial: Configurable WebRTC jitter buffer max size
- Unified V8-Blink Garbage Collected Heaps
- Team Weekly Snippet
-
v8
-
JIT-less V8
- https://v8.dev/blog/jitless
- 組み込み用途では実行可能メモリへのアクセスを許可できないため V8 が使えなかった
- そこで JIT 無しのインタプリタのみのモードを入れた
- 遅くはなるが、色々な用途が広がる
-
v8 blog
- V8 release v7.4 · V8
- Blazingly fast parsing, part 1: optimizing the scanner · V8
-
JIT-less V8
-
Other
- Welcome to the AMP Roadshow 2019. First stop: Africa!
- Encouraging more voices in AMP
- Browser Bug Searcher
- [BlinkOn 10] Draft schedule
- Announcing the AMP Conf Lineup!
- Take action and stay up-to-date with dynamic email in Gmail
- Building the future of email with AMP - Accelerated Mobile Pages Project
- Elliott Sprehn on Twitter: "I'm rethinking my former advice around web storage: localStorage reads are super fast since they read an in memory cache, writes are very slow. IndexedDB KV storage (like the built-in API proposal) has slow reads and writes and event loop delays on reads. @shubhie @\_developit"
Firefox 動向
-
Stable: 66.0.1
- Firefox 66 for developers - Mozilla | MDN
- Firefox 66.0, See All New Features, Updates and Fixes
- Firefox 66: The Sound of Silence - Mozilla Hacks - the Web developer blog
-
Updates
- These Weeks in Firefox: Issue 54
- These Weeks in Firefox: Issue 55
- Firefox Front-End Performance Update #14 | Mike Conley's Blog
- Firefox Front-End Performance Update #15 | Mike Conley's Blog
-
Intents
- Ship: Dynamic module imports (JS 'import()' syntax)
- Ship: String.prototype.matchAll
- Ship: CSS Containment
- Ship: Backward-Compatibility FIDO U2F support for Google Accounts
- Ship: Ignore custom cursors over 32 pixels intersecting UI
- Ship: URL classifier classification by default
- Ship: Backward-Compatibility FIDO U2F support for Google Accounts
- Implement and Ship the CSS Scroll Snap Module Level 1 and unship old scroll snap properties
- Implement and Ship: CSS revert keyword.
- Implement and Ship: CSS ::marker pseudo-element
- Implement and Ship: built-in CSS counter 'list-item'
- Implement and Ship: CSS counter-set property
- Implement: Trim the Referer header sent to third-party tracking resources to origin by default through modifying the default referrer policy
- Implement: Limit the maximum life-time of cookies set through document.cookie to seven days
-
Implement: cryptomining and fingerprinting resource blocking
- https://groups.google.com/forum/#!msg/mozilla.dev.platform/8KLyZ_pisEI/_1itq_i9CQAJ
- コンテンツブロッキングのリストに Mining/Fingerprint が追加された
- Coinhive なども入っている
- https://github.com/mozilla-services/shavar-prod-lists/blob/7eaadac98bc9dcc95ce917eff7bbb21cb71484ec/disconnect-blacklist.json
- これについては「セキュリティ動向」で
- Intermediate CA Preloading is enabled for desktop Nightly users
-
Disabling document.createEvent("TouchEvent"),
document.createTouch*andontouch*event handlers on desktop - Implement and Experiment: Require user interaction for notification permission prompts
- Unship: Some Shadow DOM v0 APIs
- Site Compat
-
Other
- Real virtuality: connecting real things to virtual reality using web technologies - Mozilla Hacks - the Web developer blog
- Fast, Bump-Allocated Virtual DOMs with Rust and Wasm
Safari 動向
- Stable: 12.1
-
Safari Technology Preview NN
-
Release Notes for Safari Technology Preview 77
- https://webkit.org/blog/8658/release-notes-for-safari-technology-preview-77/
- Fixed getUserMedia with an ideal deviceId constraint to always select the correct device (r241489)
- Made navigator.mediaDevices SecureContext (r241602)
- Fixed WebSocket to not fire events after being stopped (r241599)
- Fixed Same-Site Lax cookies to be sent with cross-site redirect from a client-initiated load (r241918)
- Updated the MIME type parser (r241863)
- Changed to handle indefinite percentages in fit-content() (r241746)
- Fixed HTML5
<footer>tag to be read as an ARIA Landmark to VoiceOver (r242051) - Fixed incorrectly mapping the
<meter>element to progressbar (r241989) - Fixed setting fullscreen pseudo-classes outside of root when entering fullscreen from inside of a shadow root (r241484)
- Changed inline WebVTT styles to start with
::cue(r241608) - Fixed a bug that caused loading on some sites to hang in Safari Technology Preview (r241658)
- Made the window.safari object available in frames opened to safari-extension:// resources
-
Release Notes for Safari Technology Preview 78
- https://webkit.org/blog/8676/release-notes-for-safari-technology-preview-78/
- Enabled support for Pointer Events by default (r242232)
- Added support for Pointer Events on macOS (r242137)
- Fixed string not getting terminated with a null character (r242352)
- Adjusted XMLHttpRequest Content-Type handling (r242284)
- Added support for the referrerpolicy attribute (r242534)
- Implemented further CORS restrictions (r242786)
- Added remote search support for keyboard focusable element search type (r242528)
- Removed HEVC as a codec requiring hardware support (r242357)
-
Release Notes for Safari Technology Preview 77
-
Other
-
On the Road to WebRTC 1.0, Including VP8
- https://webkit.org/blog/8672/on-the-road-to-webrtc-1-0-including-vp8/
- VP8 Video Codec
- Video Simulcast
- Unified Plan
- Additional API updates
-
On the Road to WebRTC 1.0, Including VP8
Edge 動向
- Stable: EdgeHTML18
- Status Updates
- EdgeHTML
- Build Changelog
-
Chakra
- Release ChakraCore v1.11.7 · Microsoft/ChakraCore
-
Other
-
Announcing Windows 10 Insider Preview Build 18358 | Windows Experience Blog
- https://blogs.windows.com/windowsexperience/2019/03/15/announcing-windows-10-insider-preview-build-18358/
- Windows Defender Application Guard as browser extensions in Google Chrome and Mozilla Firefox
- Microsoft 、 Chrome と Firefox 向け「Windows Defender Application Guard」拡張機能公開
- https://www.itmedia.co.jp/news/articles/1903/18/news077.html
- Japan Support Blog がついにアクセスできなくなる
-
Announcing Windows 10 Insider Preview Build 18358 | Windows Experience Blog
WHATWG/W3C 動向
-
#Web30
- W3C celebrates the 30th anniversary of the Web
- 30 years on, what's next #ForTheWeb?
- Building browsers! #Web30 | Vivaldi Browser
-
Recommendation
- Web Authentication: An API for accessing Public Key Credentials Level 1 is a W3C Recommendation
- Proposed Recommendation
- Candidate Recommendation
- Working Draft
-
First Public Working Draft
- First Public Working Draft: User Timing Level 3
-
Chartering
- zot protocol Community Group Proposed
- [wbs] response to 'Call for Review: Patents and Standards Interest Group Charter'
- Patents and Standards Interest Group (PSIG)
- Web Applications Working Group
- Scalable Vector Graphics (SVG) Working Group Revised Charter Approved; Call for Participation
-
Other
- Upcoming: Second W3C Workshop on the Web of Things
- W3C Workshop Report: Strong Authentication and Identity
-
[ External ] Moving Delivered JavaScript Forward
- https://docs.google.com/document/d/1kOLu53dYzwElJZ6JBgMR137-Rdj8cDc_rX2YkPFYUsY/edit
- Add first-class support for differential script loading · Issue #4432 · whatwg/html
- https://github.com/whatwg/html/issues/4432
- syntax 属性を追加して、 ECMA 2019 などのバージョンで読み込むスクリプトを変えられるようにする提案
- babel などで変換する粒度を変えられる
- Upcoming: W3C Workshop on Web Games, 27-28 June
-
Name suggestions · Issue #2 · mikewest/sec-metadata
- https://github.com/mikewest/sec-metadata/issues/2
sec-metadataはsec-fetch-*で land されたのでフィニッシュ
-
Unpopular opinions: Standards edition (TC39, W3C, WHATWG, IETF, ISO, whatever) What do you *really* think? by littledan
- https://twitter.com/littledan/status/1109521891864338438
- 「標準化ってぶっちゃけどう思う?」
- W3C doesn't help its invited experts. It should. - Tobie Langel - Medium
TC39 動向
-
Proposals Diff
- https://github.com/tc39/proposals/compare/master@{2019-03-01}...master@{2019-04-01}
-
0->1
- Promise.any
-
1->2
- String.replaceAll
-
2->3
- Promise.allSettled
- Static class fields and private static methods
- 3->4
-
New Proposals
- isTemplateObject
-
Other
-
A Homepage for the JavaScript Specification
- https://hacks.mozilla.org/2019/03/a-homepage-for-the-javascript-specification/
- https://tc39.github.io/
- JS のスペックや Proposal を追うためのハブサイト
- spec/test/presentation などのリンクがまとまってる
- 簡単な Example コードがあるものも
-
A Homepage for the JavaScript Specification
IETF 動向
- IETF
-
IETF 104 Prague 3/23 - 29
-
Agenda
- https://ietf.org/how/meetings/104/
- https://datatracker.ietf.org/meeting/104/agenda/
- https://datatracker.ietf.org/meeting/104/materials/agenda-104-doh-03
- https://datatracker.ietf.org/meeting/104/materials/agenda-104-httpbis-01
- https://datatracker.ietf.org/meeting/104/materials/agenda-104-quic-02
-
https://datatracker.ietf.org/meeting/104/materials/agenda-104-dispatch-02
- また webpackaging が dispatch に
- Hackathon
- httpwg/wg-materials
-
Agenda
-
RFC
- RFC 8555 - Automatic Certificate Management Environment (ACME)
- IETF Last Call
- WG Last Call
- Call for Adoption
- I-D Action
-
Draft
- Digital Product Life Cycle Model
- Identifying HTTP Exchanges with URIs
- Transport parameters for 0-RTT connections
- TLS Handshake in CBOR
- HTTP Transport for the Open Trust Protocol (OTrP)
- the Use Cases for the Application of Multi-Service Tag
- Use of the Hash-based Signature Algorithm with CBOR Object Signing and Encryption (COSE)
- DNS Update Proxy for Service Discovery
- Associating a DoH Server with a Resolver
- Use of TLS for Email Submission and Access
- Anonymous Tickets for TLS 1.3
- Additional Algorithm Registrations for COSE and JOSE
- Best practices for TLS Downgrade
- CBOR Object Signing and Encryption (COSE): Hash Algorithms
- Compatible Version Negotiation for QUIC
- Deprecation of IKEv1 and obsoleted algorithms
- Connection Setup in a Quantum Network
- Exploring QUIC Connection Migration
- Encoding DNS-over-TLS (DoT) Subject Public Key Info (SPKI) in Name Server name
- Fast Congestion Response
- Private Discovery with TLS-ESNI
- DNS over HTTPS (DoH) Considerations for Operator Networks
- Architectural Principles for a Quantum Internet
- Support for Path MTU (PMTU) in the Path Computation Element Communication Protocol (PCEP).
- JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens
- An HTTP/2 extension for bidirectional messaging communication
- The Entity Attestation Token (EAT)
- Alternative DNS Certification Authority Authorization (CAA) Resource Record
- Private DNS Subdomains
- Best practices for TLS Downgrade
- A Flags Extension for TLS 1.3
- Concise Binary Object Representation (CBOR) Tag for Coordinate Reference System (CRS) Specification
- CMS Content Types for CBOR
- Interactive Connectivity Establishment Patiently Awaiting Connectivity (ICE PAC)
- Other
セキュリティ動向
-
Monsters in the Middleboxes: Introducing Two New Tools for Detecting HTTPS Interception
- https://blog.cloudflare.com/monsters-in-the-middleboxes/
- MITMEngine
- MALCOLM
- Coinhive
-
#alertloop
- https://www.hacker.or.jp/
- 一般社団法人日本ハッカー協会で寄付を募り 6,934,471 円の寄付を集めた
- 法的支援や転職支援を行う協会の会員有志が始めた
周辺動向
- OpenJS Foundation
- NGINX to Join F5: Proud to Finish One Chapter and Excited to Start the Next - NGINX
- Preventing Request Loops Using CDN-Loop
- Why Fastly loves QUIC and HTTP/3
- Google to offer Android users browser choice - QuirksBlog
イベント
-
3 月
- 23-29: IETF 104 Prague
-
4 月
-
9-10: BlinkOn 10 Canada
- https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/5K4WbTlD9rI
- 3min LT 大会が復活したらしい
- 17-18: AMP Conf 2019: Tokyo
-
9-10: BlinkOn 10 Canada
-
5 月
- 7-9: Google I/O
-
6 月
- 1-2: JSConf EU
- 7 月
- 8 月
-
9 月
- 16-20: W3C TPAC 2019 (Fukuoka)