What's new in Chrome version 131
First, Chrome 131 version of the new features
1. Searching with Google Lens on iOS
Since Chrome version 126, users have been able to search any image or text they see on the screen through Google Lens.
To use this feature, visit the website and click on the Google Lens search button that appears in the address bar when focused, or click on the desktop context menu, the three-dot menu on desktop and mobile. Users can click, select, or drag anywhere on the screen to search for content and optimize their search by adding keywords or questions to the search box.
Administrators can control this feature through a policy called LensOverlaySettings. When a search is performed, the screenshot is sent to Google servers, but no ID or account is associated with it, it is not viewed by anyone, and no information about the content is recorded. We've started rolling out this feature in Chrome 131 for iOS and plan to roll it out in Chrome 132.
1.1. Applicable version:
- Chrome 126 (for ChromeOS, Linux, macOS, Windows): release this feature in the 1% stable release
- Chrome 127 (for ChromeOS, Linux, macOS, Windows): release this feature in 100% stable release
- Chrome 131 (for iOS): begin rolling out the feature
- Chrome 132 (for iOS): release this feature in 100% stable version
2. Asynchronous Real-Time Secure Browsing Inspection on iOS
Currently, secure browsing checks are performed on the blocking path of page loads, meaning that users cannot see the page until the check is complete. In order to improve Chrome's loading speed, after Chrome version 122 (Chrome version 131 on iOS), live secure browsing checks will no longer block page loads.
2.1. Applicable version:
- Chrome 122:Android、ChromeOS、Linux、macOS、Windows
- Chrome 131:iOS
3. PWA Shim Provisional Code Signing for macOS
The code signature of the application Shim created during the installation of Progressive Web Apps (PWAs) on macOS will be changed to a temporary code signature generated during the application installation.
Code signatures are used by macOS to identify applications. These temporary signatures give each PWA application Shim a unique identity on macOS.
This can be tested by turning it on using the chrome://flags/#use-adhoc-signing-for-web-app-shims flag.
If this feature is not compatible with an existing security policy, you can use the AdHocCodeSigningForPWAsEnabled policy to disable the feature so that administrators can deploy an updated endpoint security policy.
3.1. Applicable version:
- Chrome 129 on macOS: This feature can be turned on via flags (chrome://flags/#use-adhoc-signing-for-web-app-shims).
- Chrome 131 on macOS: This feature is starting to be rolled out gradually to the stable version, with an initial rollout rate of 1%.
4. Selecting files from Google Drive
Starting with Chrome 131, Chrome for iOS users can upload files to the web directly from Google Drive without having to download them to their device first.
5. Chrome PDF Viewer OCR Features
Chrome Desktop now makes scanned PDFs more accessible. With Optical Character Recognition (OCR) technology on the device to ensure privacy (no content is sent to Google), Chrome automatically converts scanned PDFs, allowing users to select text, search using Ctrl+F, copy and paste. This feature does not bypass protected PDFs and only uses OCR on PDFs that the user has access to.
- Chrome 131 For ChromeOS, Linux, macOS and Windows.
6. Chrome for iOS rollout with new tab on desktop
A promotion for Chrome for iOS will appear in a new tab on desktop. This promotion is designed to raise awareness of Chrome for iOS and provide an easy way to install it.
This can be controlled using the existing PromotionsEnabled and NTPMiddleSlotAnouncementVisible policies.
7. Password reuse detection across profiles
Previously, password reuse detection for company credentials could only be detected in company profiles. Now, on managed browsers, password reuse detection can detect reuse of company credentials in all profiles that are not in stealth mode.
Updated criteria for password reuse detection across profiles to more accurately reflect managed enterprise accounts.
8. Chrome for Android now supports third-party autofill and password management services
Previously, third-party autofill and password management services in Chrome for Android were implemented through a helper function API.
In the Chrome M131 release, direct support for Android autofill has been added, meaning that these third-party services can be used with Chrome for Android without relying on helper feature APIs, improving the performance of both Chrome and third-party autofill services.
To use this feature, users need to configure a third-party provider in their Android settings. Then, in Chrome, go to Settings -> Autofill Services and select "Use other services for autofill".
If users do not change these two settings, Chrome will continue to use Google's services to autofill password, payment, and address information. Whether users are allowed to use third-party autofill services can be determined by a new policy.ThirdPartyPasswordManagersAllowed Control.
9. Deprecating the Safe Browsing Extended Reporting Feature
Chrome is deprecating the Safe Browsing Extended Reporting feature, which had been used to enhance security for all users by collecting telemetry information from participating users and for Google Safe Browsing Protection. The data collected includes URLs of visited pages, limited system information, and some page content.
This feature has now been replaced by Enhanced Protected Mode. It is recommended that users switch to Enhanced Protected Mode to continue to provide security for all users while enabling Chrome's strongest security features.
10. Entrust certificates are no longer trusted
Due to ongoing compliance issues with Entrust, Chrome is changing the way it trusts Entrust-issued Publicly Trusted TLS Server Authentication (Website) certificates by default in Chrome 131 and later for Windows, macOS, ChromeOS, Android, and Linux. iOS policy does not allow the use of the Chrome root store in Chrome for iOS. iOS policy does not allow the use of the Chrome root store in Chrome for iOS.
Specifically, TLS certificates validated through the Entrust root CA certificate and stored in the Chrome root store if:
- Issued after November 11, 2024, will no longer be trusted by default.
- Issued on or before November 11, 2024The change is not affected by this change.
- Chrome 131 on Android、ChromeOS、Linux、macOS、Windows: All Chrome 131 and later versions that rely on the Chrome root store will perform this block, but the block will only apply to certificates issued after November 11, 2024.
11. Unsafe Form Warnings on iOS
As of Chrome 125, Chrome blocks form submissions from secure pages to insecure pages on iOS. When Chrome detects an insecure form submission, it displays a warning asking the user to confirm the submission. The purpose of this is to prevent form data from being leaked via explicit transmission without explicit user approval. Provides an option calledInsecureFormsWarningsEnabled policy for controlling this function.
- Chrome 125 on iOS: This feature is starting to roll out.
- Chrome 131 on iOS: The InsecureFormsWarningsEnabled policy will be removed.
12. PartitionAlloc with Advanced Checking (PA/AC)
PartitionAlloc (PA) and its associated memory safety items contain a set of advanced protections that are disabled by default (or enabled only in debug versions) because of the performance impact they may have. While it may not be feasible to enable this feature for all users immediately, there is still an opportunity to partially enable it under certain limited conditions.
13. Simplified login and synchronization experience
Starting with Chrome 131, existing users with Chrome Sync enabled will experience a simplified and integrated login and sync process.
Chrome Sync is no longer displayed as a separate feature in Settings, nor is it listed separately. Instead, users can simply sign in to Chrome to use and save information, such as passwords, bookmarks, and more, in their Google account, provided they follow the relevant corporate policies.
As before, the ability to save and access Chrome data to your Google account can still be controlled via SyncTypesListDisabled. Signing into Chrome can still be turned off via BrowserSignin, as before.
It's important to note that these changes will not affect users' ability to sign in to Google services on the Web, such as Gmail, to keep Chrome unsigned in even if they are not signed in to Chrome, or to control the information that is synchronized with their Google account.
14. Label Freeze in Energy Saving Mode
When Energy Saver Mode is enabled, Chrome freezes tabs that have been hidden and silent for more than 5 minutes and are using a lot of CPU unless:
- The tag provides audio or video conferencing capabilities via microphone, camera, screen, window or tab capture, or there is an RTCPeerConnection that is using an open RTCDataChannel or an active MediaStreamTrack.
- The tag controls an external device that is detected via Web USB, Web Bluetooth, Web HID or Web Serial.
This feature extends battery life and speeds up Chrome by reducing CPU usage.
This feature will be rolled out to 1% of Stable users starting in Chrome 131 and then gradually expanding to 100% of Stable users.
15. Update Google Play Services to Fix Password Issues on Devices
Users with older versions of Google Play Services will experience reduced functionality with the password feature on their device and the password manager may soon become completely unusable. These users will need to update their Google Play Services or, depending on their status, the system will direct them to other troubleshooting methods for resolution. This is an ongoing migration process and only affects Android users using Google Password Manager.
16. X25519Kyber768 Key Encapsulation Mechanism for TLS
Starting with Chrome 124, Chrome has enabled by default on all desktop platforms the new post-quantum secure TLS key encapsulation mechanism, X25519Kyber768, based on the NIST standard (ML-KEM), which is designed to protect network traffic between Chrome and ML-KEM-enabled servers from future decryption by quantum computers. This change should be transparent to server operators. This cipher will be used for TLS 1.3 and QUIC connections.
17. CSS Anchor Positioning Propertiesinset-area abandonment of
The CSS Working Group (CSSWG) decided to rename the inset-area property to position-area.
With this feature update, the position-area attribute is released as a synonym for inset-area, marking the deprecation and removal of the inset-area attribute.
This change will affect developers using the inset-area attribute, and the new position-area attribute should be used in the future in place of the old name.
18. revised<details> cap (a poem)<summary> The style structure of an element
Provide more CSS style support for the <details> and <summary> elements so that these elements can be used in more pages that build disclosure widgets or accordion widgets.
This change removes the previous restriction on setting the display attribute of these elements and adds a new ::details-content pseudo-element for styling section containers for expanding and collapsing.
19. Keyboard lock and pointer lock permissions
When a website requests the use of keyboard lock or pointer lock, the browser may display permission prompts to the user and save the user's preferences as content settings. These settings can be queried through permissions APIs. This measure helps minimize misuse of these APIs.
20. Remove non-standardGPUAdapterrequestAdapterInfo() methodologies
The WebGPU Working Group (WG) decided that the requestAdapterInfo() method was impractical for triggering permission prompts, so they removed that option and replaced it with the GPUAdapter's info property. This way, web developers can get the same GPUAdapterInfo value synchronized.
21. <select> Parser relaxation
This change makes the HTML parser allow more tags in the <select> element, in addition to <option>, <optgroup>, and <hr>.
This change was made to support customizable <select> functionality, but was rolled out first because it can be implemented separately and is less risky.
This feature is controlled by the temporary policy SelectParserRelaxationEnabled. This policy will be disabled in Chrome version 136.
22. Support for external SVG sources forclip-path、fill、stroke cap (a poem)marker-* causality
This change allows the use of references to external SVG resources in the clip-path, fill, stroke, and marker-* attributes. For example, the following syntax can be used:
clip-path: url("#myPath");
Paths, markers, or fill/stroke servers from external SVG files can be referenced directly in CSS, making the styling of graphical elements more flexible and reusable.
23. Support for non-specific program URLs
Chrome 130 now supports non-specialized URLs, such as git:///path. Previously, Chromium's URL parser did not support non-specialized URLs and treated paths as opaque when parsing non-specialized URLs, which was inconsistent with the URL standard. Now, Chromium's URL parser correctly parses non-specific URLs, following the URL standard.
23.1. Applicable version:
- Chrome 130 Non-specific scheme URLs are supported on Windows, macOS, Linux, and Android.
- Chrome 131 Continued support on Windows, macOS, Linux, and Android.
- Chrome 134 This feature flag will be removed on Windows, macOS, Linux, Android.
24. Translation function combined with Google Lens search
Augmented reality (AR) translation capabilities are being integrated into the Google Lens search feature.
25. New Strategies in Chrome
| Strategy Name | descriptive |
|---|---|
| DownloadRestrictions | Allows setting download limits. |
| CAPlatformIntegrationEnabled | Use user-added TLS certificates from the platform trust store for server authentication. |
| SelectParserRelaxationEnabled | Controls whether the new HTML parser behavior of the <select> element is enabled. |
| EnterpriseProfileBadgeToolbarSettings | Controls the visibility of the Enterprise Profile badge in the toolbar. |
| WebAudioOutputBufferingEnabled | Enable adaptive buffering of Web audio. |
26. Chrome Removal Policy
| Strategy Name | descriptive |
|---|---|
| ProfileLabel | Controls the label used to identify logged-in profiles. The label will be displayed in several locations to help users identify the profile, such as next to the profile icon in the toolbar. |
| ToolbarAvatarLabelSettings | Manage toolbar avatar label settings. |
Second, Chrome 131 version update date
1. Chrome 131
1.1. Beta
Wednesday, October 16, 2024
1.2 Stabilized version
Tuesday, November 5, 2024
bibliography
- Chrome Enterprise and Education release notes