A report said that Google Chrome is getting a new feature that can improve the security of pages opened in new tabs. The vulnerability that Google fixes is a “nap” phenomenon, that is, opening a page in a legal tab and then redirecting your original page. The new page will open a legitimate page, but the page you left will still be accessible and will be redirected to a malicious page that may harm your computer or be used to impersonate you to obtain passwords or payment information.

A report by Bleeping Computer stated that to prevent “tab naps”, a new attribute called rel=”noopener” has been created, which prevents newly opened tabs from using JavaScript, thereby preventing them from redirecting users further To other URL.

According to the report, Microsoft Edge developer Eric Lawrence pointed out in a note: “To mitigate “tag wiretapping” attacks, in this attack, new tabs/windows opened in the context of the victim may be viewed The opener context, so the HTML standard changes to specify the target_blank anchor behavior should be similar to | rel = “noopener” | is set. Pages wishing to exit this behavior can set | rel = “opener” |.”

The report added that this feature has been added to Chrome Canary (Chrome’s experimental model mainly for developers) and will be released to a stable public version in January next year.

The report said that as early as 2018, Apple and Mozilla made some changes to Safari and Firefox to make links more secure. It adds a feature that will automatically add the’noopener’ attribute to the link with target=”_blank” in it. Here, the browser automatically protects URLs without the “noopener” attribute.

See also  Google Chrome Sync will be used on Android as an optional operation for login, payment and password management

Last week, Eric Lawrence introduced the feature to Chromium, which means it will be added to Microsoft Edge, Google Chrome, Brave and other Chromium-based browsers.


This is the best TV under Rs. 25,000? We discussed on the weekly technical podcast Orbital, you can subscribe via Apple Podcast, Google Podcast or RSS, download the episode, or click the play button below.