ep81 Monthly Web 202103
- published_at
- 2021-04-04
- guest
- @myakura
- toc
-
headings
Theme
第 81 回のテーマは 2021 年 3 月の Monthly Web です。
Show Note
Chrome 動向
Stable: 89
Updates
-
Chromium Blog: Speeding up Chrome's release cycle
- https://blog.chromium.org/2021/03/speeding-up-release-cycle.html
- https://developer.chrome.com/blog/faster-release-cycle/
- M94 から 6 週間ごとのリリースが 4 週間ごとになる
- さらに組み込み利用などにむけ 8 週間ごとの Extended Stable を並行リリース
- Extended もセキュリティ更新は 2 週間ごとにくる
-
Chromium Blog: Chrome 90 Beta: AV1 Encoder for WebRTC, New Origin Trials, and More
- https://blog.chromium.org/2021/03/chrome-90-beta-av1-encoder-for-webrtc.html
- https://developers-jp.googleblog.com/2021/04/chrome-90-webrtc-av1.html
- AV1 Encoder
-
Origin Trials
-
New Origin Trials
- getCurrentBrowsingContextMedia()
- MediaStreamTrack Insertable Streams (a.k.a. Breakout Box)
- Subresource Loading with Web Bundles
- WebAssembly Exception Handling
-
Completed Origin Trials
- WebXR AR Lighting Estimation
-
New Origin Trials
-
Other Features in this Release
- CSS
- aspect-ratio Interpolation
- Custom State Pseudo Classes
- Implement 'auto' value for appearance and -webkit-appearance
- overflow: clip Property
- overflow-clip-margin Property
- Permissions-Policy Header
- Protect application/x-protobuffer via Cross-Origin-Read-Blocking
- Seeking Past the End of a File in the File System Access API
- StaticRange Constructor
- Support Specifying Width and Height on
<source>Elements for<picture> - WebAudio: OscillatorOptions.periodicWave is Not Nullable
-
JavaScript
- Relative Indexing Method for Array, String, and TypedArrays
-
Deprecations, and Removals
- Remove Content Security Policy Directive 'plugin-types'
- Remove WebRTC RTP Data Channels
- Return Empty for navigator.plugins and navigator.mimeTypes
-
What's New In DevTools (Chrome 90)
- https://developer.chrome.com/blog/new-in-devtools-90/
- New CSS flexbox debugging tools
- New Core Web Vitals overlay
-
Issues tab updates
- Moved issue count to the Console status bar
- Report Trusted Web Activity issues
- Format strings as (valid) JavaScript string literals in the Console
- New Trust Tokens pane in the Application panel
- Emulate the CSS color-gamut media feature
- Improved Progressive Web Apps tooling
- New Remote Address Space column in the Network panel
- Performance improvements
- Display allowed/disallowed features in the Frame details view
- New SameParty column in the Cookies pane
- Deprecated non-standard fn.displayName support
- Deprecation of Don't show Chrome Data Saver warning in the Settings menu
-
Experimental features
- Automatic low-contrast issue reporting in the Issues tab
- Full accessibility tree view in the Elements panel
-
Chromium Blog: Mitigating Side-Channel Attacks
- https://blog.chromium.org/2021/03/mitigating-side-channel-attacks.html
- Sec-Fetch
- CORP
- Frame-Option
- COOP
- CORB
- X-Content-Type-Option
- などを組み合わせると Side Channel 攻撃対策になるという話
- Chromium Blog: Advanced memory management and more performance improvements in M89
-
Chromium Blog: A safer default for navigation: HTTPS
- https://blog.chromium.org/2021/03/a-safer-default-for-navigation-https.html
- M90 から URL の直接入力で HTTPS がデフォルトになる
- だめだったら HTTP にフォールバック
- localhost などは別
-
Google Online Security Blog: A Spectre proof-of-concept for a Spectre-proof web
- https://security.googleblog.com/2021/03/a-spectre-proof-of-concept-for-spectre.html
- https://leaky.page/
- これまであまり公開されてこなかった Spectre の DEMO が公開された
- 2020 Q4 Summary from Chrome Security
Intents
- Ship: Critical-CH, a Client Hint reliability mechanism
-
Ship: Single
<compound-selector>for :host(), :host-context() - Ship: Import Assertions and JSON Modules
- Ship: Block HTTP port 554
-
Ship: Class static initializer blocks
- https://groups.google.com/a/chromium.org/g/blink-dev/c/pzy_Z3AwmaY/m/FeXzN3hnAwAJ
- 別で Temporal の Position を Mozilla に聞いた
- Anne "反対だったら Stage 3 になる前に止めてるからいちいち聞くな"
- そのコメントが引用されて「mozilla は stage 3 には全部 positive だ」と使われている
- Ship: GravitySensor API
- Ship: adaptivePtime property for RTCRtpEncodingParameters
- Ship: Align performance API timer resolution to cross-origin isolated capability
- Ship: CTAP2 credBlob extension
- Ship: WebOTP API: cross-origin iframe support
- Ship: Managed configuration for Web Applications
- Ship: inert attribute
- Ship: Clear window name for cross-site navigations that switches browsing context group
- Ship: Suggested file name and location for the File System Access API
- Ship: Dedicated workers as service worker clients
- Implement and Ship: Honor media HTML attribute for link icon
- Prototype and Ship: ES Modules for service workers ('module' type option)
-
Prototype: document.prerendering
- https://groups.google.com/a/chromium.org/g/blink-dev/c/8R6kvHjiqdw
- もともと
document.visibilityState == 'prerendering'が Ship されていた - しかし
hiddenでもprerenderingな場合もあるため Unship - 代わりにに
document.prerenderingが追加された - prerender2 の準備っぽい
- Prototype: App history API
- Prototype: First "Locally-Executed Decision over Groups" Experiment (FLEDGE)
- Prototype: Media Session API: Video conferencing actions
- Prototype: Note taking new note URL
- Prototype: Lock Screen API
- Prototype: JPEG XL decoding support (image/jxl) in blink
- Prototype: Compute Pressure
- Prototype: ALPS and ACCEPT_CH HTTP/2 and HTTP/3 frames
- Experiment: Secure Payment Confirmation V2
- Experiment: Federated Learning of Cohorts
- Experiment: Viewport-height client hint
- Experiment: Subresource loading with Web Bundles
- Extend Origin Trial: WebCodecs
- Experiment: File Handling API
- Experiment: Handwriting Recognition API
- Experiment: WebXR Plane Detection API
- Change:
- Unship:
- Remove: EME persistent-usage-record session
- Remove: webkitBeforeTextInserted & webkitEditableContentChanged JS events
- Ready for Trial: JPEG XL decoding support (image/jxl) in blink
- Ready for Trial: Sanitizer API
- PSA: CSS property 'font-size-adjust' will no longer be a Web Platform Experimental Feature
- FYI: DNS-over-HTTPS (DoH) support coming soon to Linux
- Action required: You're invited to BlinkOn 14 in 1H 2021!
- [blink-dev] Reminder - action required: You're invited to BlinkOn 14 in 1H 2021!
- Call for lightning talks at BlinkOn 14!!
V8
-
Faster releases · V8
- https://v8.dev/blog/faster-releases
- Chrome と同じく 4 週間
- Extended Stable も提供
- V8 release v9.0 · V8
Other
-
web.dev
- Agrofy: A 70% improvement in LCP correlated to a 76% reduction in load abandonment
- How CLS optimizations increased Yahoo! JAPAN News's page views per session by 15%
- JavaScript: What is the meaning of this?
-
Debugging layout shifts
- https://web.dev/debugging-layout-shifts/
- URL が変わった? => debug-layout-shifts
- How Wix improved website performance by evolving their infrastructure
- Vodafone: A 31% improvement in LCP increased sales by 8%
- Building a Settings component
- Mitigate cross-site scripting (XSS) with a strict Content Security Policy (CSP)
- Lowe's website is among fastest performing e-commerce websites
-
Compat2021: Eliminating five top compatibility pain points on the web
- https://web.dev/compat2021/
- 互換性に関する調査から、特に 5 つの問題にフォーカスする
- CSS Flexbox
- CSS Grid
- CSS position: sticky
- CSS aspect-ratio property
- CSS transforms
- What is Federated Learning of Cohorts (FLoC)?
- Best practices for cookie notices
- Debug Web Vitals in the field
- Debug layout shifts
- Adding Rank Magnitude to the CrUX Report in BigQuery.
-
google developer blog
- https://developers.googleblog.com/
- Clarifications about the SharedArrayBuffer object message
-
New resources for video SEO | Google Search Central Blog
- https://developers.google.com/search/blog/2021/03/new-resources-for-video-seo
- Make your videos available on the web
- Provide structured data with VideoObject markup
- Include high-quality thumbnails
- Submit a video sitemap
- Make video content files accessible
- Google Developers Blog: Modernizing your Google App Engine applications
- google developer japan blog
- chromium blog
- canary
-
amp
- Optimizing your AMP page experience for Core Web Vitals - The AMP Blog
-
Privacy, sustainability and the importance of "and"
- https://blog.google/products/chrome/privacy-sustainability-and-the-importance-of-and/
-
FLoC の Origin Trial を一部地域で開始するというアナウンス
- Australia, Brazil, Canada, India, Indonesia, Japan, Mexico, New Zealand, Philippines and the U.S
- あわせて https://www.privacysandbox.com/ も公開
-
Android の Chrome と WebView で障害
- https://twitter.com/googlejapan/status/1374269162961268741
- Google Japan on Twitter: "Android アプリが一部のユーザーで強制終了する問題を修正しました。不具合が解消しない場合は、 Google Play ストアから Android システムの WebView と Google Chrome をアップデートしてください。ご迷惑をおかけした皆さまにお詫び申し上げます。" / Twitter
Firefox 動向
Stable: 87.0
Updates
- In March, we see Firefox 87 - Mozilla Hacks - the Web developer blog
- Firefox 87 for developers - Mozilla | MDN
- Firefox 87.0, See All New Features, Updates and Fixes
-
Firefox 87 trims HTTP Referrers by default to protect user privacy - Mozilla Security Blog
- https://blog.mozilla.org/security/2021/03/22/firefox-87-trims-http-referrers-by-default-to-protect-user-privacy/
- デフォルトの Referrer が strict-origin-when-cross-origin に
-
Firefox 87 introduces SmartBlock for Private Browsing - Mozilla Security Blog
- https://blog.mozilla.org/security/2021/03/23/introducing-smartblock/
- ETP の Strict mode ではリソースの読み込みをブロックしている
- ブロックされたスクリプトに依存したページが読めない問題があった
- ページが表示されるように shim を用意し提供
- These Weeks in Firefox: Issue 89 - Firefox Nightly News
- These Weeks in Firefox: Issue 90 - Firefox Nightly News
Intents
-
Ship:
- Enable State Partitioning in Private Browsing Mode
- Top Level Await
- PerformanceEventTiming API
- Honoring bogo-XML declaration for character encoding in text/html
- sha2 windows signing
- AbortSignal.abort()
- AV1 Still Image File Format (AVIF)
- aspect-ratio property
-
Prototype and Ship
-
Support
document.execCommandand related API in<input>and<textarea> -
make width and height map to aspect-ratio for
<video>,<canvas>and<input type=image> - Make mac mouse focus model closer to other platforms
- ruby-position: alternate
-
Support
-
Prototype
- WebAssembly exception handling proposal
- Default font metrics overriding
- glyph-scale-factor descriptor for @font-face rules
- Honoring bogo-XML declaration for character encoding in text/html
-
fit-content()function
- Experiment:
-
Unship
- cross-context @@hasInstance in IDL interfaces
- Change:
-
Remove:
- intl.uidirection pref
Other
- Reinstating net neutrality in the US - The Mozilla Blog
-
MDN localization in March - Tier 1 locales unfrozen, and future plans
- https://hacks.mozilla.org/2021/03/mdn-localization-in-march-tier-1-locales-unfrozen-and-future-plans/
- Tier 1 (fr, ja, ru, zh-CN, zh-TW) のロケールが編集可能に戻った
- アクティブコントリビューターが紹介されている(日本人による ja チームも)
-
メンテされてないロケールの非表示化を 4/30 に行う
- 韓国語やドイツ語など、 Tier 1 ではないもののアクセスの多いものは公開継続してメンテナを募る
- How MDN's site-search works - Mozilla Hacks - the Web developer blog
- A web testing deep dive: The MDN web testing report - Mozilla Hacks - the Web developer blog
Safari 動向
Stable: 14.0.3
Updates
-
Release Notes for Safari Technology Preview 122
- https://webkit.org/blog/11577/release-notes-for-safari-technology-preview-122/
-
CSS
- Implemented :focus-visible (r273812, r272983)
- Implemented the first case in Definite and Indefinite Sizes specifications in section 9.8 for flexbox (r273072)
- Added experimental support for CSS Color 5 color-contrast() (r273683)
- Added experimental support for CSS Color 5 color-mix() (r273244)
- Added experimental support for CSS Color 5 Relative Color Syntax (r273127)
- Added support for aspect-ratio on flexbox items (r273193)
-
JavaScript
- Enabled private methods (r273125)
- Implemented private static methods (r273107)
- Implemented top-level-await (r273225)
- Implemented RegExp Match Indices (r273086)
- Implemented GC verifier (r273138)
- Added support for modules in Workers and Worklets (r273203)
- Added support for modules in Service Workers (r273224)
-
WebAssembly
- Extended wasm type with type index (r273813)
- Implemented non-trapping float to int conversion (r272933)
-
Web API
- Enabled Paint Timing (r273221, r273220)
-
WebRTC
- Added support for WebRTC priority (r273550)
- Added support for BigInt as media-stream encryption key (r273158)
-
Accessibility
- Added the ability for an embedded accessibility image description in an image file to be reported if available (r273214)
-
Release Notes for Safari Technology Preview 123
- https://webkit.org/blog/11585/release-notes-for-safari-technology-preview-123/
-
CSS
- Changed to consider intrinsic sizes as automatic whenever the block axis of the flex item is the flexible box main size (r273955)
- Fixed orthogonal items with percentage sizes in Flexbox (r273958)
- Fixed position: sticky behavior in a table with dir=RTL (r273982)
-
Web API
- Removed the Origin header if the navigation request goes from POST to GET (r273905)
Position
- [webkit-dev] Request for position: Honor media HTML attribute for link icon
- [webkit-dev] Request for position on Import Conditions
- [webkit-dev] Request for position: ES modules for Service Workers
- [webkit-dev] Request for position: class static blocks
- [webkit-dev] Request for Position on Sanitizer API
- [webkit-dev] Request For Position on CSS containment
- [webkit-dev] Request for position: Aligning high-resolution timer granularity to cross-origin isolated capability
- [webkit-dev] Request for Position: COLR v1 Vector Color Fonts
- [webkit-dev] Request for position: WebAuthn support for credBlob and minimum PIN length
- [webkit-dev] Request for position: Media Session video conferencing actions
- [webkit-dev] Request for Position on RTCRtpEncodingParameters.adaptivePtime
- [webkit-dev] Request for position: Managed Configuration API
- [webkit-dev] Request for position: Support using WebOTP API in cross-origin iframes
- [webkit-dev] Request for position on Handwriting Recognition API
Other
Edge 動向
Stable: 89
Ignite
-
MS Ignite
- https://myignite.microsoft.com/sessions
- Top reasons why customers love Microsoft Edge
Updates
-
Microsoft Edge Legacy desktop application support ends today - Microsoft Edge Blog
- https://blogs.windows.com/msedgedev/2021/03/09/microsoft-edge-legacy-end-of-support/
- Edge Legacy のサポートが 3/9 で終了
- Serving our customers more effectively with new release cycles for Microsoft Edge - Microsoft Edge Blog
- Microsoft Edge 89: Delivering improved browser performance to get the job done - Microsoft Edge Blog
- Joining forces on better browser compatibility in 2021 - Microsoft Edge Blog
Chakra
Other
- Per-Site Permissions in Edge - text/plain
- Specifying Per-Site Policy with Chromium's URL Filter Format - text/plain
WHATWG/W3C 動向
Draft
- Recommendation
- Proposed Recommendation
-
Candidate Recommendation
- Updated Candidate Recommendation: CSS Scroll Snap Module Level 1
- Updated Candidate Recommendation: Timed Text Markup Language 2 (TTML2) (2nd Edition)
- Working Draft
-
First Public Working Draft
- First Public Working Draft: Open Screen Protocol
- First Public Working Draft: Post-Spectre Web Development
- First Public Working Draft: Indexed Database API 3.0
- Chartering
Other
- Authorized Translation of WCAG 2.1 in Polish
ES2021
-
Release ES2021 Candidate March 2021 · tc39/ecma262
- https://github.com/tc39/ecma262/releases/tag/es2021-candidate-2021-03
- String.prototype.replaceAll
- Promise.any()
- WeakRefs
- Logical assignment operators
- number literals and bigint literals
Meeting
-
2021-03
- https://github.com/tc39/agendas/blob/master/2021/03.md
- https://github.com/tc39/notes/blob/master/meetings/2021-03/mar-9.md
- https://github.com/tc39/notes/blob/master/meetings/2021-03/mar-10.md
- ECMA 402
- Introducing: Make B.1.{1,2} (octal literals & escapes) normative for sloppy code
- Normative: specify creation order for capturing group properties
- Backup incumbent tracking for FinalizationRegistry jobs
- Class Static Initialization Blocks
- Records and Tuples update
- Async Do update towards stage 2
- Top-level await status update
- ECMA Recognition Awards
- Module Fragments (For Stage 1)
- Collection normalization methods
- Temporal for Stage 3
- RegExp set notation: Update
- Error.prototype.cause for stage 3
- Promise.anySettled
- Array find from last
- ResizableArrayBuffer for Stage 3
- Incubation call chartering
- Intl.Segmenter for Stage 4
- Top-level await
- Temporal Pt 2
- Pipeline Operator
- Opt-Out Period
Proposals Diff
- https://github.com/tc39/proposals/compare/master@{2021-03-01}...master@{2021-04-01}
- https://tc39.github.io/beta/
-
0->1
- Module Fragments
-
1->2
- Array find from last
-
2->3
- Error Cause
- Temporal
- Class Static Block
- 3->4
New Proposals
-
Provides additional methods to Array.prototype to enable changes on an array by returning a new copy of it with the change.
- https://github.com/rricard/proposal-change-array-by-copy
- record / tuple に必要な immutable な method を Array.prototype にも入れる案
- pushed / shifted / with など
Other
- ECMAScript 2021: the final feature set
IETF 動向
WG
- IETF110
-
httpwg
- https://lists.w3.org/Archives/Public/ietf-http-wg/
- https://github.com/httpwg/wg-materials/
- IETF110 は無し
- Targeted HTTP Response Header Fields for Cache Control
- I-D Action: draft-ietf-httpbis-message-signatures-02.txt
- I-D Action: draft-ietf-httpbis-bcp56bis-10.txt
- I-D Action: draft-ietf-httpbis-bcp56bis-11.txt
-
Re-WGLC for BCP65bis
- https://lists.w3.org/Archives/Public/ietf-http-wg/2021AprJun/0003.html
- いよいよ大詰めだけど最後の WGLC が結構前なのでもう一度
- Call for Adoption: draft-bdc-something-something-certificate-05
- I-D Action: draft-ietf-httpbis-safe-method-w-body-00.txt
- I-D Action: draft-ietf-httpbis-messaging-15.txt
- I-D Action: draft-ietf-httpbis-cache-15.txt
- I-D Action: draft-ietf-httpbis-semantics-15.txt
- Hopefully-final draft-ietf-dnsop-svcb-https-04
- I-D Action: draft-ietf-httpbis-message-signatures-02.txt
- quicwg
- webtrans
- tlswg
- wpack
- privacypass
- dispatch
- secdispatch
Spec
-
RFC
- Joke RFC: 見てない
- IETF Last Call
- WG Last Call
- Call for Adoption
- I-D Action
- Draft
Other
- Where is HTTP/3 right now? | daniel.haxx.se
CDN 動向
Cloudflare
Fastly
- 2020 Year-in-Review: COVID drives "bump" in traffic across various industries | Fastly
Other
セキュリティ動向
- Spectre DEMO
周辺動向
-
Brave acquires search engine to offer the first private alternative to Google Search and Google Chrome on both mobile and desktop
- https://brave.com/brave-search/
- 2020 年にサービス終了した検索エンジン Cliqz の開発者が集うオープンな検索エンジン Tailcat を買収
- Brave Search という検索エンジンを提供予定
- The Performance Inequality Gap, 2021 - Infrequently Noted
- Reactive Data With Modern JavaScript - Infrequently Noted
- Good news about display: contents and Chrome
-
Who has the fastest F1 website in 2021?
- Part 1 - JakeArchibald.com
- Part 2 - JakeArchibald.com
- Part 3 - JakeArchibald.com
- Part 4 - JakeArchibald.com
- Part 5 - JakeArchibald.com
イベント
-
6 月
- 7-11: WWDC 2021
-
24-30: IETF111
- IETF 111 San Francisco
Wrap Up
- Chrome Faster release from 94
- Spectre PoC DEMO
- URL bar default to https://
- ship: JSON modules
- ship: inert
- prototype: document.prerendering
- Web.dev CWV debugging や case study 系の記事
- Compat 2021 で CSS Flexbox/Grid etc の改善着手
- privacysandbox.com
- FLoC OT
- Android chrome/webivew 障害
- Referer Policy Default change
- ETP で built in shim へのフォールバック?
- MDN Tier 1 locale unfrozen
- Firefox Ship: aspect-ratio
- Safari focus-visible
- Private (static) method
- Worklets & module in sw
- Igalia contribution
- Edge Legacy サポート終了
- Post-Spectre Web Development
- ES2021 Candidate
- Record & Tuple の immutable method 提案
- Temporal Stage 3 と Standard Position
- Promise.race と anySettled の話
- Module Fragments for stage 1
- BCP65bis の Re-WGLC