Security News > 2021 > April > Firefox 88 Combats Cross-Site Tracking to Improve User Privacy

Firefox 88 Combats Cross-Site Tracking to Improve User Privacy
2021-04-20 15:09

Mozilla this week released Firefox 88 in the stable channel with patches for a dozen vulnerabilities and with improved user privacy, obtained through isolating the window.

Name property has been available for websites to store whatever data they choose to, but such data has often been allowed to leak between sites, essentially allowing for the tracking of users across the pages they visit.

"Tracking companies have been abusing this property to leak information, and have effectively turned it into a communication channel for transporting data between websites. Worse, malicious sites have been able to observe the content of window.name to gather private user data that was inadvertently leaked by another website," Mozilla says.

To put a stop to this behavior, Firefox will no longer allow websites to access the window.

Whenever the user navigates back to a website, Firefox will restore the property to its previous value for that site.

"Firefox will attempt to identify likely non-harmful usage of window.name and avoid clearing the property in such cases. Specifically, Firefox only clears window.name if the link being clicked does not open a pop-up window," Mozilla says.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/CfRpGwdNFrk/firefox-88-combats-cross-site-tracking-improve-user-privacy