ep97 Monthly Web 202205
- published_at
- 2022-06-05
- guest
- @myakura
- toc
-
headings
Theme
第 97 回のテーマは 2022 年 5 月の Monthly Web です。
Show Note
Chrome 動向
Stable: 102
Updates
-
New in Chrome 101
- https://developer.chrome.com/en/blog/new-in-chrome-101/
- hwb() color notation
- Priority Hints
- What's New In DevTools (Chrome 102)
- Deprecations and removals in Chrome 103
-
Chromium Blog: Chrome 103 Beta: Early Navigation Hints, a Host of Completed Origin Trials, and More
- https://blog.chromium.org/2022/05/chrome-103-beta-early-navigation-hints.html
- Early Hints for Navigation
-
Origin Trials
-
New Origin Trials
- Federated Credentials Management
-
Completed Origin Trials
- Local Font Access
- Same-Origin Prerendering Triggered by the Speculation Rules API
- Update User-Agent Client Hints GREASE Implementation
-
New Origin Trials
-
Other Features in this Release
- AbortSignal.timeout() Static Method
- ARIA Attribute Reflection for the role Attribute
- avif is Now a Permitted Web Share File Extension
- "deflate-raw" Compression Format
- form rel Attribute
- popstate Fires Before Load
- Restrict Gamepad Usage
- SerialPort
forget() - Support visual-box on overflow-clip-margin
- User Activation Required for SPC Credential Enrollment
-
Deprecations, and Removals
- Block External Protocol in Sandboxed iframe
- Remove Battery Status API on Insecure Origins
- Remove
<param>Element
-
Google I/O
- Google I/O 2022: That's a wrap!
Intents
- Ship: "deflate-raw" on compression and decompression streams
- Ship: Container Queries
- Ship: Element.isVisible method
- Ship: Opaque Response Blocking (ORB, aka CORB++) v0.1
- Ship: Subresource Loading with Web Bundles
- Ship: User Agent Client Hints GREASE Update
- Ship: form rel attribute
-
Ship:
:has()pseudo class - Ship: CSS object-view-box
- Ship: WebGL canvas color management
- Ship: 'blocking=rendering' attribute on scripts and style sheets
-
Ship: CSS
:modalPseudo Class - Ship: Default SVG cursor size set from OS settings
- Ship: DisplayMediaStreamConstraints.selfBrowserSurface
- Ship: DisplayMediaStreamConstraints.systemAudio
- Ship: MediaTrackConstraintSet.displaySurface
- Ship: MediaTrackSupportedConstraints.suppressLocalAudioPlayback
- Ship: Sanitizer API MVP
- Ship: Prevent fixed elements from moving during elastic overscroll.
- Prototype and Ship: User Activation Requirement for SPC Credential Enrollment
- Prototype and Ship: Multi-Screen Window Placement: Fullscreen Companion Window
- Prototype and Ship: Support visual-box on overflow-clip-margin
- Prototype and Ship: CSS grid-template properties interpolation
-
Prototype and Ship:
Response.json()- https://groups.google.com/a/chromium.org/g/blink-dev/c/buq5vsaTh5Q
- Body が JSON な response を簡単に作る API
- Prototype: Back/forward cache NotRestoredReason API
- Prototype: HTTP/3 protocol upgrade for HTTPS DNS records with h3 alpn parameter
- Prototype: Reduce fingerprinting in the Accept-Language header and support for HTTP Variants
- Prototype: Secure Payment Confirmation - Opt-Out Support
- Prototype: User Agent Launch Type in PerformanceNavigationTiming
-
Prototype:
AbortSignal.any() - Prototype: COEP reflection API
- Prototype: DisplayMediaStreamConstraints.selfBrowserSurface
- Prototype: DisplayMediaStreamConstraints.systemAudio
- Prototype: MediaTrackConstraintSet.displaySurface
- Prototype: MediaTrackSupportedConstraints.suppressLocalAudioPlayback
- Prototype: Origin-Bound Cookies
- Prototype: Prerender2 for Desktop
- Prototype: Stack Switching Promise Integration
- Prototype: Tabbed web apps
- Experiment: Fenced frames
- Experiment: Focusgroup
- Extend Experiment: Dark mode support for web apps
- Extend Experiment: Cookies Having Independent Partitioned State (CHIPS)
- Extend Origin Trial: Subresource loading with Web Bundles
- Change:
- Unship:
- Remove:
- Deprecate: RTCPeerConnection's googIPv6 constraint
- Deprecate: SMIL
- Deprecate and Remove: WebSQL in non-secure contexts
- Deprecate and Remove: navigation to filesystem: URLs in iframes
- Deprecate and Remove: Non-ASCII characters in cookie domain attributes
- Sign up to host a breakout talk @ BlinkOn16!
- The countdown to BlinkOn 16 is on!
- Intent stage "Evaluate readiness to ship": web-share permission policy
- Process survey results
- PSA: pylint changes in depot_tools, affecting some presubmit checks
- PSA: Event.path has been disabled in pre-Beta channels
- Developer pain as a result of "introducing blink_wpt_tests"
- FW: [blink-dev] Abridged summary of blink-dev@chromium.org - 18 updates in 8 topics
- FYI: Remove the service worker requirement for WebAPKs
V8
Other
-
web.dev
- https://web.dev/
- Don't fight the browser preload scanner
- State of CSS 2022
- Bridging the gap
- Yahoo! JAPAN's password-free authentication reduced inquiries by 25%, sped up sign-in time by 2.6x
- Finding courage and inspiration in the developer community
- Variable fonts in real life
- Quickly create nice CSS gradients with the CSS Gradient Creator
- New to the web platform in April
- An API for fast, beautiful web fonts
- GOV.UK drops jQuery from their front end.
- Building a button component
- How do modern frameworks perform on the new INP metric
- Synchronize audio and video playback on the web
- New to the web platform in May
- Use conic gradients to create a cool border
- google developer blog
-
google developer japan blog
- Google Developers Japan: 改ざんできないビルドでソフトウェア サプライ チェーンのセキュリティを改善する
- Google Developers Japan: ウェブサイト、アプリ、サーバーで OAuth 2.0 トークンを使用する
- Google Developers Japan: Chrome 102: ウィンドウ コントロール オーバーレイ、さまざまなオリジン トライアルの終了、ファイル ハンドラとしての PWA など
-
chrome developer blog
- Private prefetch proxy in Chrome
- Speeding up LCP with cross-site prefetching
- Debugging WebAssembly Faster
- Advanced Web Apps Fund
- Better Tab Sharing with Capture Handle
- Interaction to Next Paint (INP) tool support
- Progress in the Privacy Sandbox (March - April 2022)
- Cookies Having Independent State (CHIPS) origin trial extended
- chromium blog
- canary
-
search central
- Event recap: Search Central Virtual Unconference Japan 2022
- Spring cleaning: some sitemap extension tags are going away
- May 2022 core update releasing for Google Search
-
other
- One step closer to a passwordless future
- Apple, Google and Microsoft Commit to Expanded Support for FIDO Standard to Accelerate Availability of Passwordless Sign-Ins - FIDO Alliance
Firefox 動向
Stable: 101
Updates
-
Firefox 100 for developers - Mozilla | MDN
-
https://developer.mozilla.org/en-US/docs/Mozilla/Firefox/Releases/100
- dynamic-range/video-dynamic-range media features
- WritableStream
- pipeTo()
- AbortSignal.timeout()
-
https://developer.mozilla.org/en-US/docs/Mozilla/Firefox/Releases/100
-
Firefox 100.0, See All New Features, Updates and Fixes
-
https://www.mozilla.org/en-US/firefox/100.0/releasenotes/
- captions support in PiP window
- overlay scrollbars on Windows 11 and LInux
- new focus indicator for links
-
Firefox now ignores less restricted referrer policies-including unsafe-url, no-referrer-when-downgrade, and origin-when-cross-origin-for cross-site subresource/iframe requests to prevent privacy leaks from the referrer.
-
Soft-reloading a web page will no longer cause revalidation for all resources.
-
https://www.mozilla.org/en-US/firefox/100.0/releasenotes/
-
Firefox 101 for developers - Mozilla | MDN
-
https://developer.mozilla.org/en-US/docs/Mozilla/Firefox/Releases/101
- prefers-contrast
- small/large/dynamic viewport units
- vb/vi viewport units
- input.showPicker()
- Constructable stylesheets
- WebDriver BiDi
-
https://developer.mozilla.org/en-US/docs/Mozilla/Firefox/Releases/101
- Firefox 101.0, See All New Features, Updates and Fixes
- Celebrating Firefox: How we got to 100
- Improved Process Isolation in Firefox 100 - Mozilla Hacks - the Web developer blog
- These Weeks in Firefox: Issue 115 - Firefox Nightly News
- These Weeks in Firefox: Issue 116 - Firefox Nightly News
- These Weeks In Firefox: Issue 117 - Firefox Nightly News
- Upgrading Mozilla's Root Store Policy to Version 2.8 - Mozilla Security Blog
- Prioritized Task Scheduling API is Prototyped in Nightly - Mozilla Performance
Intents
- Ship: Web Animations Animation.timeline setter
- Ship: WebDriver-BiDi
- Ship: User Defined Byte Streams
- Ship: TransformStreams and ReadableStream.pipeThrough
- Ship: URL Query String Stripping (ETP Strict and Private Browsing Mode)
- Ship: CSS constructable stylesheets.
- Prototype: Storage Access API, Always Partition Storage
- Prototype: Transferable streams
- Experiment:
- Change:
- Remove:
- Unship: window.sidebar
-
Unship:
IDBDatabase.createMutableFile()and the relevant classes - Unship: network.cookie.lifetimePolicy
Other
- SpiderMonkey Newsletter (Firefox 100-101)
- Credit card autofill now enabled in the United Kingdom, France and Germany
- Firefox's Picture-in-Picture rolls out subtitles - a Mozilla Connect community requested feature
- Revocation Reason Codes for TLS Server Certificates - Mozilla Security Blog
- Manifest v3 in Firefox: Recap & Next Steps | Mozilla Add-ons Community Blog
- Marketing our privacy products while preserving privacy
Safari 動向
Stable: 15.5
Updates
-
Release Notes for Safari Technology Preview 144
- https://webkit.org/blog/12621/release-notes-for-safari-technology-preview-144/
- Added Typed OM support for container units (r291524)
- Enabled support for mutable timelines by default (r291868)
- Added getAssertion support for virtual HID authenticators (r291624)
- Added support for focused and visible ServiceWorkerWindowClient states (r291888)
- Added a check for whether the origin can access storage in the Storage API (r291726)
- Included initial accessibility support for display: contents (r291570)
-
Release Notes for Safari Technology Preview 145
- https://webkit.org/blog/12629/release-notes-for-safari-technology-preview-145/
- Allowed Response Local Overrides to map to a file on disk
-
:has()pseudo-class- Added invalidation support for the pseudo-classes
:autofill,:placeholder-shown,:indeterminate1,:read-only,:read-write,:requiredand:optional
- Added invalidation support for the pseudo-classes
-
Container Queries and Containment
- Added CSSOM support (r292045)
- Added support for contain: inline-size (r292394, r292416, r292465)
- Added support for containment to disable the special handling of the HTML body element for overflow viewport propagation (r292127, r292157)
- Added support for transitions and animations on grid-template-columns and grid-template-rows (r292432)
-
calc() functions
- Added NaN propagation for min, max, clamp, and hypot (r292732)
- Serialized top level min, max, hypot as calc() (r292893)
-
resize property
- Added support for block/inline CSS values (r292222)
- Corrected minimum size computation to allow resizing below initial size (r292559)
- Added support for rendering
url(), CSS basic shapes other thanpath(), and coord-box for offset-path (r292382) - Dialog element now adapts to dark mode by default (r292029)
- Allowed Wasm import from a JS Worker module behind the feature flag (r292799)
- Added support for all CTAP transports and remove gesture requirement for virtual authenticators (r292593)
- Implemented
getTransports()and getAuthenticatorData() (r292913) - Added support for ServiceWorkerClients.openWindow (r291979)
- Implemented ServiceWorkerWindowClient.navigate (r292459)
- Safari 15.5 Release Notes | Apple Developer Documentation
-
New WebKit Features in Safari 15.5
- https://webkit.org/blog/12669/new-webkit-features-in-safari-15-5/
- support for the inert property in HTML;
- support for the worker-src Content Security Policy directive;
- new minimumViewportInset and maximumViewportInset APIs for implementing new CSS Viewport Units in WKWebView-based apps.
- Release Notes for Safari Technology Preview 146
- Happy birthday, WPE WebKit!
- Customizing Color Fonts on the Web
Position
- [webkit-dev] Request for position: Response.json() static method
Other
Edge 動向
Stable: 102
Updates
- Microsoft Edge の更新制御とサポート範囲について | Japan Developer Support Internet Team Blog
Chakra
Other
-
IIS の基本的な情報の自動採取について | Japan Developer Support Internet Team Blog
- https://jpdsi.github.io/blog/web-apps/iis-log-auto-collection/
-
なお、本ブログは弊社の公式見解ではなく、予告なく変更される場合があります。
- Find and manage your installed apps and sites
-
Styling
selectelements for real - What's new for Microsoft Edge at Build 2022
-
Introducing Microsoft Edge Secure Network - Microsoft Tech Community
- https://techcommunity.microsoft.com/t5/articles/introducing-microsoft-edge-secure-network/m-p/3367243
- Microsoft Edge Secure Network という VPN を搭載
- Cloudflare と提携、 1GB まで無料
- Use the Microsoft Edge Secure Network to protect your browsing
- Unexpectedly HTTPS? - text/plain
- Chromium Internals: PAK Files - text/plain
- Losing your cookies - text/plain
WHATWG/W3C 動向
Draft
- Recommendation
- Proposed Recommendation
- Candidate Recommendation
- Working Draft
-
First Public Working Draft
- Viewport Capture
- Event Timing API, Largest Contentful Paint
- Chartering
Other
- W3C Strategic Highlights, April 2022
- Judy Brewer receives ACM award for her leadership of the Web Accessibility Initiative
- W3C opens Advisory Board (AB) election
- ARIA Authoring Practices Guide | APG | WAI | W3C
- Redesigning ARIA Authoring Practices Guide - Bocoup
TC39 動向
Meeting
Proposals Diff
New Proposals
Other
IETF 動向
WG
- IETF
-
httpwg
- https://lists.w3.org/Archives/Public/ietf-http-wg/
- https://github.com/httpwg/wg-materials/
- I-D Action: draft-ietf-httpbis-retrofit-02.txt
- I-D Action: draft-ietf-httpbis-binary-message-03.txt
- Usage of HTTP/2 PROTOCOL_ERROR and INTERNAL_ERROR
- ABNF and Structured fields
- Title change for QPACK: Field Compression
- Signing Set-Cookie
- DRAFT minutes for the May interim meeting
- Message signatures, structured fields and ABNF
- I-D Action: draft-ietf-httpbis-message-signatures-10.txt
- Second Working Group Last Call: draft-ietf-httpbis-digest-headers-09
- I-D Action: draft-ietf-httpbis-client-cert-field-02.txt
- I-D Action: draft-ietf-httpbis-digest-headers-09.txt
- I-D Action: draft-ietf-httpbis-retrofit-03.txt from
- Genart last call review of draft-ietf-httpbis-binary-message-04
- I-D Action: draft-ietf-httpbis-binary-message-04.txt
- quicwg
- webtrans
- tlswg
- wpack
- masque
- pearg
- privacypass
- dispatch
- secdispatch
Other
- RFC 9239 - Updates to ECMAScript Media Types
-
draft-fabbrini-algorithm-post-alien-cryptography-00
- https://datatracker.ietf.org/doc/html/draft-fabbrini-algorithm-post-alien-cryptography-00
- 高度な知能のエイリアンが襲来しても大丈夫な暗号化技術
CDN 動向
Cloudflare
- How we built config staging and versioning with HTTP applications
- Announcing Pub/Sub: Programmable MQTT-based Messaging
- Magic NAT: everywhere, unbounded, and lower cost
- Introducing Workers Analytics Engine
-
Announcing D1: our first SQL database
- https://blog.cloudflare.com/introducing-d1/
- SQLite ベースのクラウド SQL DB
- Cloudflare 上でリードレプリカが自動作成
- バッチ処理あり
- Introducing Cache Reserve: massively extending Cloudflare's cache
- Durable Objects Alarms - a wake-up call for your applications
-
A New Hope for Object Storage: R2 enters open beta
- https://blog.cloudflare.com/r2-open-beta/
- S3 互換のオブジェクトストレージ
- とにかく安くて安心して使える
- TTL, Public Bucket, 署名付き URL etc
- Announcing Workers for Platforms: making every application on the Internet more programmable
- Workers visibility: announcing Logpush for Worker's Trace Events
- A new era for Cloudflare Pages builds
- Introducing Direct Uploads for Cloudflare Pages
-
Welcome to Platform Week
- https://blog.cloudflare.com/platform-week-2022/
- このあとの発表群の前振り
-
The next chapter for Cloudflare Workers: open source
- https://blog.cloudflare.com/workers-open-source-announcement/
- Cloudflare Workers のコードを OSS に
- この Worker へのロックインを避ける意味で WinterCG が同時に発表されている
-
A Community Group for Web-interoperable JavaScript runtimes
- https://blog.cloudflare.com/introducing-the-wintercg/
- https://wintercg.org/
- WHATWG はブラウザに特化した API を策定してきた
- Node や Deno 、 Edge コンピューティングのランタイムでは合わない場合もある
- その差分をうめるための WinterCG を設立 W3C みたいなプロセスだが参加は自由
- Cloudflare, Vercel, Shopify, Node.js, Deno などが参加
-
Zaraz use Workers to make third-party tools secure and fast
- https://blog.cloudflare.com/zaraz-use-workers-to-make-third-party-tools-secure-and-fast/
- タグマネージャの Zaraz を買収
- ブラウザでやっていたタグマネージャの処理を Edge 上でやろうとしている
- The Cloudflare Bug Bounty program and Cloudflare Pages
- Tracking shifts in Internet connectivity in Kherson, Ukraine
- Cloudflare achieves key cloud computing certifications - and there's more to come
- Monitoring our monitoring: how we validate our Prometheus alert rules
- Eurovision 2022, the Internet effect version
- How Ramadan shows up in Internet trends
- Network performance update: Platform Week
- Proof of Stake and our next experiments in web3
- Public access for our Ethereum and IPFS gateways now available
- Serving Cloudflare Pages sites to the IPFS network
- Gaining visibility in IPFS systems
- Part 1: Rethinking Cache Purge, Fast and Scalable Global Cache Invalidation
- Announcing the Cloudflare Images Sourcing Kit
- Send email using Workers with MailChannels
- Route to Workers, automate your email processing
- Stream with sub-second latency is like a magical HDMI cable to the cloud
- Bring your own ingest domain to Stream Live
- Cloudflare Stream simplifies creator management for creator platforms
Fastly
- Taming third parties with a single-origin website | Fastly
- Gartner names Fastly Global CDN "Customers' Choice" in 2022 "Voice of the Customer" report | Fastly
- Threat hunting network callbacks in WAF data | Fastly
- Product design at Fastly: How we create useful enterprise experiences | Fastly
- HTTP/3 and QUIC are now available for our entire customer base at no additional charge | Fastly
- Fastly announces acquisition of Glitch: A future of "yes code" at the edge | Fastly
Other
セキュリティ動向
- Entropy and Privacy Analysis
- Understanding Online Identity
周辺動向
-
Join us for the 2022 Web Engines Hackfest | Igalia
- https://www.igalia.com/2022/05/12/Join-us-for-the-2022-Web-Engines-Hackfest.html
- https://www.igalia.com/2022/05/23/Web-Engines-Hackfest-2022-Agenda-Announced.html
- https://www.youtube.com/channel/UCPQ8NaRSfsGei1j1meO4pNg/videos
- Engines: Chromium/Blink/V8, Safari/WebKit/JSC, Firefox/Gecko/SpiderMonkey, Servo
- Testing: WPT, Test262
- Specifications: W3C, WHATWG, TC39
- などに関わっている人を集めたオフラインイベント
- Igalia at BlinkOn 16 | Igalia
-
JavaScript Containers
- https://tinyclouds.org/javascript_containers
- Deno では JS コンテナを模索するという Ryan Dahl の記事
イベント
-
5 月
- 11-12: Google I/O
- 17-18: BlinkOn 16
- 22-24:Home - Write the Docs Portland 2022
- 24-26: Microsoft Build
- 26: SecWeb Workshop 2022
-
6 月
- 6-9: TC39
- 6-10: WWDC
- 13-14: Web Engines Hackfest
-
7 月
- 23-29: IETF 114 Philadelphia
-
9 月
- 12-16: TPAC 2022 Vancouver
Wrap Up
-
Chrome
-
101
hwb()- Priority Hints
- 102
-
Ship
- Container Queries
Element.isVisible- Subresource loading with Web Bundles
:has():modalpseudo classResponse.json()
-
Prototype
- HTTPS DNS records with h3 ALPN param
Accept-Languagereduce fingerprintingAbortSignal.any()- COEP reflection API
- Origin-bound cookies
- Prerender2 for Desktop
-
I/O
- INP (Interaction to Next Paint)
- password-free auth in Yahoo! JAPAN
-
other
- BlinkOn 16
- Passkey standardization
-
101
-
Firefox
-
100
- WritableStream
pipeTo()AbortSignal.timeout()- soft-reloading not cause cache revalidation
-
101
prefers-contrast- small/large/dynamic viewport units
input.showPicker()- Constractable stylesheets
-
Ship
- TransformStreams
- BYOBStreams
- URL query stripping (on ETP Strict and Private Browsing modes)
-
Prototype
- transferable streams
-
other
- Certificate revocation policy update
-
100
-
Safari
-
TP 144
- display: contents accessibility support
- TP 145
-
15.5
inert
- TP 146
-
TP 144
-
Edge
select要素のスタイルガイド- MS Build 2022
- Edge Secure Network VPN
-
W3C/WHATWG
- W3C Strategic Highlights April 2022
- AB Election
- TC39
-
IETF
- QPACK が Header Comp から Field Comp に改名
- RFC 9239 - Updates to ECMAScript Media Types
- Post Aliahen Crypto
-
CDN 動向
-
Cloudflare
- WinterCG と Worker の OSS 公開
- D1, R2, Magic Nat, MQTT など新製品公開
- Web3 系
-
Fastly
- H3/QUIC available for all user
- Glitch 買収
-
Cloudflare
-
セキュリティ動向
- Martin の Entropy の記事
- EKR の Online ID の記事
-
周辺動向
- WebEngine Hackfest
- Ryan Dahl の container に関する Blog (WinterCG)