Firefox 88: The Mozilla Firefox 88 update offers a new data protection feature

The latest update for the Mozilla Firefox Web browser, Firefox 88added a new privacy feature that deals with a JavaScript Variable named “”. When you open a new tab in a browser, it can usually tag the new tab with a name or tag. This “named” page can be used as a target to open more content and, as such, leaves a window open for hackers to sniff around on your system.
According to a report from Nackter, the property does not follow what is known as the Same-Origin Policy (SOP), whereby only cookies and JavaScript variables set by website X can be read back from website X. The SOP is an essential part of web security as it prevents Site Y, which may be an unscrupulous marketing site or crook-run phishing site, from accessing personally identifiable information stored on Site X. ”
Why can the property be dangerous? The cookies and other location-specific JavaScript variables can store sensitive details such as your username, your bank credentials, your profile, the contents of your shopping cart and more. Hence the property could be exploited to bypass the planted SOP and malware attacks.
But with Firefox 88, the company claims it plugged that hole. “To fix this leak, Firefox is now limiting the property to the website that created it.” When a user opens a tab in Firefox with the new update, the property is limited to that tab only. If you enter a different address on this tab, the value stored in the variable will be erased and so hopefully no trace of web activity can be lost.


Leave a Reply