Hello, BMP image decoder that ships in Chromium/Blink is capable of decoding JPEG and/or PNG images embedded inside BMP (in addition to the typical RLE or other basic BMP encodings). In https://chromestatus.com/feature/5153489630134272 we propose to remove this BMP extension, tracking this work with https://crbug.com/456842524.
Answering the questions from https://www.chromium.org/blink/launching-features/#feature-deprecations: - Why are we removing this feature?: - Security: Since 2019, we've been presented with compelling evidence <https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html> that surprising and rarely-used support for nesting formats is a path to security bugs. Such a possibility is especially worrying for BMP, which is otherwise considered a pretty simple format. - Code health: Removing code is expected to improve code health. Additionally, removing this corner-case will simplify migrating <https://docs.google.com/document/d/1fc7KI1AhvCOLZhAStg_jIQLlCA3aCZP4vhgFlLn1ZTk/edit?usp=sharing> the BMP decoder to a memory-safe language. - Interoperability: - Removing this BMP extension will improve interoperability/consistency across browsers, because today only Chrome supports this BMP extension: - Manual testing of browser support is possible by visiting https://entropymine.com/jason/bmpsuite/bmpsuite/html/bmpsuite.html and looking at the result of rendering `q/rgb24jpeg.bmp` and `q/rgb24png.bmp` - Chrome 141.0.7390.134: rendered okay - Support for JPEG/PNG-in-BMP was added <https://chromium-review.googlesource.com/c/chromium/src/+/1777120> in 2019, in Chrome 78.0.3899.0 <https://chromiumdash.appspot.com/commit/8319e7a6dbe63b6ef04c3cfe75f0df1947b00fb0> - IIUC there was no Blink Intent for this addition + the main motivation was covering all files from the BMP test suite (I note that these 2 test inputs are in a “q” directory which was expanded to “questionable” when adding <https://chromium-review.googlesource.com/c/chromium/src/+/5269009> the test inputs to Chromium). - Firefox 143.0.4 and 144.0.2: not rendered - Safari 18.6: not rendered - There is no official spec: - https://developer.mozilla.org/en-US/docs/Web/Media/Guides/Formats/Image_types <https://developer.mozilla.org/en-US/docs/Web/Media/Guides/Formats/Image_types#bmp_bitmap_file> says: - “No specification; however, Microsoft provides general documentation of the format at docs.microsoft.com/en-us/windows/desktop/gdi/bitmap-storage” - “Warning: You should typically avoid using BMP files for website content. The most common form of BMP file represents the data as an uncompressed raster image, resulting in large file sizes compared to png or jpg image types. More efficient BMP formats exist but are not widely used, and rarely supported in web browsers.” - “Theoretically, several compression algorithms are supported, and the image data can also be stored in JPEG or PNG format within the BMP file.” - https://learn.microsoft.com/en-us/windows/win32/gdi/jpeg-and-png-extensions-for-specific-bitmap-functions-and-structures says: - “This [JPEG-and-PNG-in-BMP] extension is not intended as a means to supply general JPEG and PNG decompression to applications, but rather to allow applications to send JPEG- and PNG-compressed images directly to printers having hardware support for JPEG and PNG images.” - What is the cost of removing this feature? - No usage has been registered via a recently added UMA data: https://crbug.com/452667935 - UMA data gathered in https://crbug.com/452667935 for M143 shows no usage in Canary/Dev, Beta, not Stable release channels (not just minimal usage, but no usage whatsoever) - UMA data can have blind spots (users that do not enable UMA), but this seems like an acceptable risk - When will the feature be removed? - We propose to remove support for this BMP extension in Chrome 145 (which is tentatively scheduled to branch on January 12, 2026, and release to the Stable channel on Feb 10, 2026). - What is the suggested alternative? - Please use PNG and/or JPEG images **directly** rather than embedding them inside a BMP format. Other notes: - We don’t plan to explicitly coordinate with other web rendering engines, because other browsers do not support this feature. - We don’t plan for a deprecation period, because there is no known usage (based on UMA <https://crbug.com/452667935>) and explicit warnings (on Mozilla Developer Network <https://developer.mozilla.org/en-US/docs/Web/Media/Guides/Formats/Image_types#bmp_bitmap_file>) advise against using BMP in general, and this BMP extension specifically (calling it only “theoretically supported”) Best regards, Lukasz Anforowicz (on behalf of the Chrome Memory Safety and the Skia teams) -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAK7BWekqoM-92v_%2B5Cu1HroB7zhM1uGDh6kH9gOiyfyi7RO%2B8A%40mail.gmail.com.
