"The 220.127.116.11 release uses a reflective XSS filter that checks each script before it executes to check if the script appears in the request that generated the page. Should it find a match, the script will be blocked. According to Chromium developer Adam Barth, the developers plan to post an academic paper that will describe the new filter in further detail at a later time." - H-Online
However the folks at the slackers forum are already breaking it. While not totally rock solid still a step in the right direction.