Google Chrome 25 is now in the beta channel on the desktop as well, after making its debut on Android last week. Unlike most releases, the new Chrome has plenty of new features for regular users, and there's plenty to like for developers as well.
Content Security Policy
On the security side, Chrome 25 adds unprefixed support for Content Security Policy (CSP). This enables websites to define a whitelist of domains from which code can be executed. Very few websites rely only on their own code these days.
"Like" buttons, site analytics and YouTube videos all come from external sources but must be treated just like the regular code. This is why XSS attacks are so dangerous: browsers implicitly trust any code, from any source, that is pushed by a page.
With CSP, websites can specify what code can be executed; browsers that support CSP will only run code originating from places in the whitelist.
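To make the whitelist idea concrete, here is an added example (not code from Chrome or from the original article) that models how a policy sent in the unprefixed Content-Security-Policy response header decides which scripts run. It is a simplified matcher that handles only 'self' and scheme://host sources; the policy, page URL, script URLs and function names are all constructed for illustration.

```javascript
// Added example: a simplified model of CSP script-src matching.
// Real browsers implement more (ports, paths, nonces, hashes, inline rules).
// The policy, page URL and script URLs are constructed sample values.
const SAMPLE_POLICY =
  "default-src 'self'; script-src 'self' https://www.youtube.com https://*.analytics.example";

// Split a policy into { directiveName: [sourceExpressions] }.
function parsePolicy(policy) {
  const directives = {};
  for (const part of policy.split(";")) {
    const [name, ...sources] = part.trim().split(/\s+/);
    const key = name.toLowerCase();
    // An empty segment is skipped; the first copy of a directive wins.
    if (key && !(key in directives)) directives[key] = sources;
  }
  return directives;
}

// Match one source expression against a resolved script URL.
function sourceMatches(source, url, pageOrigin) {
  if (source === "'self'") return url.origin === pageOrigin;
  const m = /^(https?):\/\/(\*\.)?([a-z0-9.-]+)$/i.exec(source);
  if (!m) return false; // 'none' and unsupported forms match nothing here
  const [, scheme, wildcard, host] = m;
  if (url.protocol !== scheme.toLowerCase() + ":" || url.port !== "") return false;
  const h = host.toLowerCase();
  // "*.host" covers subdomains only, not the bare host itself.
  return wildcard ? url.hostname.endsWith("." + h) : url.hostname === h;
}

// Decide whether a script referenced by the page may run under the policy.
function scriptAllowed(policy, scriptUrl, pageUrl) {
  const d = parsePolicy(policy);
  const sources = d["script-src"] || d["default-src"]; // fallback directive
  if (!sources) return true; // no applicable directive: nothing is restricted
  const url = new URL(scriptUrl, pageUrl);
  const pageOrigin = new URL(pageUrl).origin;
  return sources.some((s) => sourceMatches(s, url, pageOrigin));
}

const PAGE = "https://shop.example/cart";
for (const src of ["/static/app.js", "https://www.youtube.com/iframe_api",
  "https://cdn.analytics.example/t.js", "https://injected.example.net/x.js"]) {
  console.log(scriptAllowed(SAMPLE_POLICY, src, PAGE) ? "run  " : "block", src);
}
```

A script tag injected through XSS that points at a host outside the list is refused even though it appears in the page's own markup.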
Shadow DOM
Also new in Chrome 25, new in all senses of the word, is support for Shadow DOM. The Shadow DOM, while ominous sounding, is just a way of making sure widgets, i.e. third-party snippets of code, can run on any page and not conflict with the existing code.
The Shadow DOM makes it possible to "run" widget code in a separate DOM from the one used by the document being displayed. There's still plenty to do before Web Components is ready. Google has submitted a test suite to the W3C for Shadow DOM.
The IndexedDB implementation now supports concurrent transactions, which should speed things up in some cases but can cause problems for older apps that have been built to rely on strictly sequential transactions.
In the dev tools, there's now a console.clear() command which does exactly what you think it does. The icons in the top toolbar have been removed for a cleaner look and less wasted space, though they can be re-enabled in the settings if the new toolbar looks strange to you.