Ο Firefox 88 was released on Monday and among the changes that the new version brings is one change στον τρόπο με τον οποίο το πρόγραμμα περιήγησης θα χειρίζεται την ιδιότητα window.name.
Previously, this property worked throughout the life of a tab, which means that as a user moved from one site to another, the value in the property remained and data from one site could be read by another.
"The Companies trackers are abusing this property to leak information and have effectively turned it into a communication channel for transferring data between sites," says engineer Tim Huang, in a blog post.
"Even worse, malicious websites were able to monitor the content of window.name to collect personal data of users who had accidentally leaked it from another site."
With the new version, Firefox will delete the property when switching between sites, and when a user returns to a site, the window.name value will be restored.
"Together, these dual rules for clearing and restoring window.name data restrict that data to the site where it was originally created, such as Total Cookie Firefox Protection limits the cookies to the site where they were created," Huang said.
"This restriction is necessary to prevent leaks from malicious websites that used window.name to collect users' personal data."
