Deprecations and removals in Chrome 84

Deprecations and removals in Chrome 84

Deprecations and removals in Chrome 84

Note: Chrome expects to start the spec-mandated turn down of AppCache in Chrome

  1. For details and instructions for managing the transition gracefully, see
    Preparing for AppCache removal. For
    information on a feature that will help you identify uses of this and other
    deprecated APIs, see Know your code
    health

Deprecations and removals in Chrome 84

@import rules in CSSStyleSheet.replace() removed

The original spec for constructable stylesheets allowed for calls to:

sheet.replace("@import('some.css');")

This use case is being removed. Calls to replace() now throw an exception if
@import rules are found in the replaced content.

Intent to Remove |
Chrome Platform Status |
Chromium Bug

Remove TLS 1.0 and TLS 1.1

TLS (Transport Layer Security) is the protocol which secures HTTPS. It has a
long history stretching back to the nearly twenty-year-old TLS 1.0 and its even
older predecessor, SSL. Both TLS 1.0 and 1.1 have a number of weaknesses.

  • TLS 1.0 and 1.1 use MD5 and SHA-1, both weak hashes, in the transcript hash
    for the Finished message.
  • TLS 1.0 and 1.1 use MD5 and SHA-1 in the server signature. (Note: this is not
    the signature in the certificate.)
  • TLS 1.0 and 1.1 only support RC4 and CBC ciphers. RC4 is broken and has since
    been removed. TLS’s CBC mode construction is flawed and is vulnerable to
    attacks.
  • TLS 1.0’s CBC ciphers additionally construct their initialization vectors
    incorrectly.
  • TLS 1.0 is no longer PCI-DSS compliant.

Supporting TLS 1.2 is a prerequisite to avoiding the above problems. The TLS
working group has deprecated TLS 1.0 and 1.1. Chrome has now also deprecated
these protocols.

Intent to Remove |
Chromestatus Tracker |
Chromium Bug

Feedback

This post is also available in: Deprecations and removals in Chrome 84English