Architecture, Internals, and the Engineering of the World’s Most Popular Browser
Introduction: The Browser as Operating System
Chapter 1: The Origin Story
- The Browser Wars Before Chrome
- The Google Browser Team Assembles
- September 2, 2008: Launch Day
- Open-Sourcing Chromium
- From Niche to Dominance
- The Plugin Evolution: From NPAPI to WebAssembly
Chapter 2: Architecture at a Glance
- Design Philosophy: Stability, Security, Responsiveness
- The Process Taxonomy
- Component Architecture Overview
- How Chrome Compares: Firefox, Safari, Edge
- The Chromium Project Structure
Chapter 3: The Multi-Process Model
- Why Multiple Processes?
- Process Types and Their Roles
- Process Lifecycle Management
- The Site Instance Model
- Resource Process and Specialized Workers
Chapter 4: The Browser Process
- The Browser Process as Orchestrator
- TabStripModel and Tab Management
- Navigation Controller and URL Handling
- Bookmarks, History, and Session State
- Download Manager and Background Services
- RenderProcessHost Lifecycle: Source Code Walkthrough
Chapter 5: The Renderer Process and Blink Engine
- Renderer Process Bootstrapping
- HTML Parsing and DOM Construction
- HTML Parser Source Code Walkthrough
- CSS Parsing and Style Resolution
- Layout and the Critical Rendering Path
- LayoutNG Source Code Walkthrough
- Blink Architecture and Module Organization
Chapter 6: V8 – The JavaScript Virtual Machine
- V8 Architecture Overview
- The Ignition Interpreter
- TurboFan Optimizing Compiler
- Sparkplug Baseline Compiler
- Maglev Mid-Tier Optimizing Compiler
- Garbage Collection Strategies
- Hidden Classes and Inline Caches
- V8 Map (Hidden Class) Source Code Walkthrough
- WebAssembly Integration
Chapter 7: GPU Process, Graphics, and Compositing
- GPU Process Architecture
- Command Buffer Protocol: Source Code Walkthrough
- Layer Tree and Compositor
- Rasterization and Paint
- Canvas and WebGL Acceleration
- ANGLE and Cross-Platform Graphics
Chapter 8: Network Service and Networking Stack
- Network Service Process Architecture
- DNS Resolution and Prefetching
- HTTP/2 and Multiplexing
- QUIC Protocol Implementation
- Socket Pool and Connection Management
- QUIC Source Code Walkthrough
Chapter 9: Storage Subsystem
- Cookie Management and SameSite
- HTTP Cache Architecture
- IndexedDB and SQLite Backend
- LocalStorage and SessionStorage
- Service Worker Storage Model
Chapter 10: IPC – Inter-Process Communication
- The IPC Evolution: From NaCl to Mojo
- Mojo Framework Architecture
- Mojo IDL and Generated Bindings: Source Code Walkthrough
- Message Serialization and Channels
- IPC Performance and Bottlenecks
- Cross-Process API Calls
Chapter 11: Sandboxing and Security Architecture
- The Threat Model
- Linux Sandboxing: Namespaces and Seccomp
- Seccomp-bpf Policy Compilation: Source Code Walkthrough
- Windows Sandboxing: Job Objects and Integrity Levels
- macOS Sandboxing: Seatbelt and Sandbox Profiles
- Exploit Mitigations: ASLR, DEP, CFG
Chapter 12: Web Security Policies – Origins, CORS, CSP, Site Isolation
- The Origin Model and Same-Origin Policy
- Cross-Origin Resource Sharing (CORS)
- Content Security Policy (CSP)
- Site Isolation Implementation
- Certificate Validation Pipeline
- Permissions API and Feature Policies
Chapter 13: Privacy Features
- Tracking Protection and Shields
- The Topics API (Post-FLoC)
- Incognito Mode Implementation
- Privacy Sandbox Initiatives
Chapter 14: Extensions Architecture and Developer Tools
- Extension Architecture and Manifest V3
- Background Service Workers
- Content Scripts and Isolated Worlds
- Chrome DevTools Protocol
- DevTools Panel Architecture
Chapter 15: Performance Optimizations
- Resource Loading Strategies
- Speculative Parsing and Preload
- Paint Timing and Frame Budget
- Memory Management and Pressure
- Performance Comparison with Peers
Chapter 16: Security Case Studies and Vulnerabilities
- The Chrome Security Team and Bug Rewards
- Famous Exploit Chains: From Zero-Day to Patch
- Use-After-Free in Blink
- Type Confusion in V8
- Password Encryption and Key Management
- Debugging and Reverse Engineering Methodologies
- Sandboxing Escape Case Studies
Chapter 17: Testing, Telemetry, and Infrastructure
- Automated Testing Infrastructure
- Chrome for Testing and Canary
- Telemetry and Usage Statistics
- Update Mechanism and Omaha
- Fuchsia and Browser Evolution
Chapter 18: Future Directions
- WebGPU and the Future of Graphics
- WebAssembly System Interface (WASI)
- AI and Machine Learning in the Browser
- Architectural Shifts Under Consideration
- The Browser as Platform