Ο Firefox 88 was released on Monday and among the changes brought by new edition there is a change in how the browser will handle the window.name property.
Previously, this property worked throughout the life of a tab, which means that as a user moved from one site to another, the value in the property remained and data from one site could be read by another.
“Surveillance companies abuse this property to leak information and have effectively turned it into one channel επικοινωνίας για τη transport data between sites," says engineer Tim Huang, in a blog post.
"Even worse, malicioussites were able to observe the contents of window.name to collect personal user data that had been accidentally leaked by another site.”
With the new version, Firefox will delete the property when switching between sites, and when a user returns to a site, the window.name value will be restored.
"Together, these dual rules for clearing and restoring window.name data restrict this data to the site where it was originally created, just as Firefox Total Cookie Protection restricts cookies to the site where it was created," Huang said.
"This restriction is necessary to prevent leaks from malicious websites that used window.name to collect users' personal data."
