Chrome 80 dropped yesterday, and the usual advice applies. If your desktop browser hasn’t already updated itself, or you aren’t sure, go visit its “About Google Chrome” page either by clicking on the triple-dot icon in the upper-right corner of your Windows browser or the “Chrome” menu of your Mac browser.
Chrome 80 comes packed with new features, including a great change that prevents sites from blasting you with spammy notification requests—which can now all be hidden under a button in your omnibar, by default. To enable it, you’ll first have to enter chrome://flags into your omnibar, and then search for “Quieter notification permission prompts.” Enable that flag, restart your browser, and then visit visit Settings > Site Settings (under “Privacy and Security”) > Notifications. Turn on “Use quieter messaging” to stop getting harassed by annoying notification prompts.
Google is also slowly working to get rid of mixed HTTPS content by automatically upgrading audio and video content to HTTPS, where possible. In other words, sites won’t be able to load a hybrid of secure HTTPS and less-secure HTTP content; if audio and video can’t load over HTTPS, Chrome will block it by default. You don’t need to set a flag for this one; it’s just an FYI.
Block shitty ads that use too many system resources
What I find most interesting, though, are two other Chrome features that you’ll also have to enable directly in chrome://flags. The first, Heavy Ad Intervention, allows you automatically block any annoying web ads that eat up too much of your processor or memory. As far as useful hidden features go, I’d put this one right at the top of my list—assuming you aren’t already using an adblocker.
Start getting stricter about third-party browser cookies
Google is also enforcing a new classification system for cookies, blocking cross-site cookies if they don’t set their SameSite attribute to “None” and make themselves available via HTTPS. And all cookies that aren’t labelled are being treated as “lax,” in that they’ll only work if the domain you’re browsing matches the cookie’s domain. These are the technical parts, at least. As for why this is all important, Google’s changes can help protect against problematic cross-site attacks, as detailed by CookiePro:
“Let’s pretend you’re logged into your banking account through their online portal. Have you ever noticed that some websites will keep you logged in? That’s because of a session cookie – after you authenticate, the website has set a cookie on your browser that allows you to remain logged in. As you’re browsing a different website, you click on a link from a Tweet for a funny video. Unfortunately, that link could be a cross-site request forgery attack (XSRF) that tricks your browser into executing an unwanted action in the logged-in session with your bank.
Before SameSite, clicking on the XSRF link would execute the transaction by piggy-backing onto the session cookie generated from your bank (that keeps you logged in).
After SameSite, the browser won’t allow the cookie to be added to an already authenticated website if the link derives from an external site.”
Google is rolling out its new treatment for third-party cookies over the next few weeks, but you can get a head start in your Chrome 80 browser by pulling up chrome://flags and enabling “SameSite by default cookies,” as well as “Cookies without SameSite must be secure.”
While it’s possible that this change might break a few websites you frequent, it’s a change that’s coming, regardless—you’re just getting an early look before everyone else.
Organise your overflowing tabs
Here’s one bonus feature that I’m terrified to start using because I still have way too many open tabs. Pull up chrome://flags and search for “Tab Groups.” Turn it on, restart your browser, and you’ll now be able to right-click on any of your tabs to start organising them into groups. Select “Add to new group,” and then right-click on the colourful tab that’s automatically created for you—the group—to give it a name or change its colour.