Ο Firefox 88 was released on Monday and among the changes brought by new edition there is a change in how the browser will handle the window.name property.
Before, this property worked throughout duration lifetime of a record, meaning that as a user moved from one site to another, the value in the property persisted and data from one site could be read by someone else.
"The Companies trackers are abusing this property to leak information and have effectively turned it into a communication channel for transferring data between sites," says engineer Tim Huang, in a blog post.
"Even worse, malicious websites were able to monitor the content of window.name to collect personal data of users who had accidentally leaked it from another site."
With the new version, Firefox will delete the property when switching between sites, and when a user returns to a site, the window.name value will be restored.
“Μαζί, αυτοί οι διπλοί κανόνες για την εκκαθάριση και την επαναφορά των δεδομένων του window.name περιορίζουν αυτά τα δεδομένα στον ιστότοπο στον οποίο δημιουργήθηκαν αρχικά, όπως το Full Cookie Protection of Firefox restricts cookies to the site where they were created," Huang said.
"This restriction is necessary to prevent leaks from malicious websites that used window.name to collect users' personal data."
