Project Fission by Mozilla to bring a Site-isolation feature like Chrome in Firefox!
Each time a user visits a new domain, the Google Chrome web browser creates a new process for the web page. This sandboxing is done to stop each process from interfering with one other. This Process is termed as site isolation and is a security feature that has been recently added in the Chrome web browser by Google.
This Feature was added in Chrome 63 and users could enable it manually by changing a Chrome flag.
Google took this step to address the flaws of security rules enforced by the Same Origin Policy. If allowed to access each other’s data inside the web browser, the malicious sites can steal data from other sites.
This Feature was added in Chrome 63 and users could enable it manually by changing a Chrome flag.
Google took this step to address the flaws of security rules enforced by the Same Origin Policy. If allowed to access each other’s data inside the web browser, the malicious sites can steal data from other sites.
Site isolation has been enrolled out this year in Chrome 67 and is automatically enabled for better protection. Site isolation was a major architecture change in Chrome. It was prompted by the security scare caused by Meltdown and Spectre security bugs. Site isolation plays a major role in reducing the amount of valuable cross-site information in a web page’s process.
Site isolation provides protection against universal cross-site scripting (UXSS) which is a type of a web browser security bug. If left unchecked, the attacker is able to access the information on the web page by bypassing the Same Origin Policy.
Read Full Article
Comments
Post a Comment