[null,null,[],[[["\u003cp\u003eStarting in Chrome 92, the \u003ccode\u003eSharedArrayBuffer\u003c/code\u003e object will require cross-origin isolation to function properly, impacting websites that utilize it.\u003c/p\u003e\n"],["\u003cp\u003eWebsite owners who received a Search Console message about \u003ccode\u003eSharedArrayBuffer\u003c/code\u003e usage should identify its source and either remove it or enable cross-origin isolation.\u003c/p\u003e\n"],["\u003cp\u003eThe change is being implemented for security reasons to mitigate the Spectre vulnerability by requiring websites using \u003ccode\u003eSharedArrayBuffer\u003c/code\u003e to be cross-origin isolated.\u003c/p\u003e\n"],["\u003cp\u003eDevelopers can find instances of \u003ccode\u003eSharedArrayBuffer\u003c/code\u003e usage on their websites using Chrome DevTools or the Reporting API, and should contact third-party resource providers if necessary.\u003c/p\u003e\n"],["\u003cp\u003eAfter Chrome 92's release, websites without cross-origin isolation using \u003ccode\u003eSharedArrayBuffer\u003c/code\u003e may experience performance degradation for Chrome users.\u003c/p\u003e\n"]]],["Chrome will restrict the `SharedArrayBuffer` object to cross-origin isolated environments starting with Chrome 92. This change, initially planned for Chrome 91, was postponed to late May 2021. Websites using `SharedArrayBuffer` must identify its usage, potentially from third-party resources, using Chrome DevTools or the Reporting API. Sites should decide if its usage is necessary and fix it by removing the functionality or enabling cross-origin isolation, otherwise, users may experience degraded performance.\n"],null,["# Clarifications about the SharedArrayBuffer object message\n\nFriday, March 19, 2021\n| **Update on May 6, 2021** : Due to unexpected circumstances, the Chrome team decided to postpone the restriction on the `SharedArrayBuffer` object on desktop to Chrome 92 (originally Chrome 91).\n\n\nSome of you might have received an email from Google Search Console with the subject \"New requirements for `SharedArrayBuffers`\".\nWe received feedback that the message was confusing, and wanted to give some more insight into the issue, so that you can decide which next steps are appropriate.\nWe also updated [the guide on enabling cross-origin isolation](https://web.dev/articles/cross-origin-isolation-guide) to include additional details.\n\nWhy did I receive the message?\n------------------------------\n\n\nYou received the message because we've detected that JavaScript on your website was using the [`SharedArrayBuffer`](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/SharedArrayBuffer) object at the time of the message.\nThe usage might be due to frameworks, libraries, or other third-party content included within your website.\n\nWhat is the `SharedArrayBuffer`?\n--------------------------------\n\n\n`SharedArrayBuffer` is a JavaScript object to share a memory space across threads on a website.\nIt was used by websites before the vulnerability called [Spectre](/web/updates/2018/02/meltdown-spectre) was found.\nHowever, because Spectre was a CPU level vulnerability and it's unlikely to be fixed in the foreseeable future, browsers decided to disable the `SharedArrayBuffer` object.\n\n\nWhile Chrome re-enabled it on desktop with [Site Isolation](https://security.googleblog.com/2018/07/mitigating-spectre-with-site-isolation.html) as a temporary remedy, [cross-origin isolation](https://web.dev/articles/coop-coep) was standardized as a way to safely enable the `SharedArrayBuffer` object.\nStarting with version 92, planned to be released in late May 2021, Chrome will gate the `SharedArrayBuffer` object behind cross-origin isolation.\nFirefox enabled the `SharedArrayBuffer` object on a cross-origin isolated environment as well in version 76.\nWe hope other browsers will follow soon.\n\nFinding `SharedArrayBuffer` object usage on your site\n-----------------------------------------------------\n\n\nYou have two options:\n\n1. Use [Chrome DevTools](/web/tools/chrome-devtools) and inspect important pages.\n2. (Advanced) Use the [Reporting API](/web/updates/2018/09/reportingapi) to send deprecation reports to a reporting endpoint.\n\n\nLearn how to take the above approaches at [Determine where the `SharedArrayBuffer` object is used on your website](https://web.dev/articles/cross-origin-isolation-guide).\n\nNext steps\n----------\n\n\nFor next steps, we recommend:\n\n1. Determine where the `SharedArrayBuffer` object is used on your website.\n2. Decide if the usage is necessary.\n3. Fix the issue by either removing the functionality, or by [enabling cross-origin isolation](https://web.dev/articles/cross-origin-isolation-guide).\n\n\nIf you haven't heard about the `SharedArrayBuffer` object, and you received a Search Console message about it, it's highly likely a third-party resource on your website is using it.\nOnce you determine which pages are affected, and who the owner of the resource is, reach out to the resource provider and ask them to fix the issue.\n\n\nAfter Chrome 92 is released, the `SharedArrayBuffer` object without cross-origin isolation will no longer be functional.\nIn practice, this means that Chrome users on your site may experience degraded performance similar to other situations where the `SharedArrayBuffer` object is not supported.\n\n\nWe hope this clarification was useful, even if you didn't receive the message.\nIf you have any questions, we'd recommend posting in the [Search Central help community](https://support.google.com/webmasters/community) to get input from other experts.\n\nPosted by [Eiji Kitamura](https://blog.agektmr.com/), Chrome Developer Advocate"]]