Chrome will support new HTML tags to protect user privacy

In the latest move to improve the privacy protection of the Chrome browser, Google is planning to add support for a new HTML tag to Chrome that prevents users from being tracked by isolating the embedded content from the embedded page. Currently, web browsers allow third-party iframes to communicate with their embedded pages. This can be achieved through postMessage, attributes (such as size and name), and permissions.

In order to prevent cross-page/site tracking, Google is adding a new form of embedded iframe called “Fenced Frame” to isolate embedded content and not allow it to see user data embedded in the page.

Hidden Chrome Features

Fenced Frame is a new form of embedded documents, which enforces a boundary between the embedded page and the cross-site embedded document. This change ensures that the two websites cannot share your data, which will help prevent users from being tracked or facing other privacy threats.

According to Google, Fenced Frame has the following characteristics:
  • They’re not allowed to communicate with the embedder and vice-versa, except for certain information such as limited size information, the embedder’s top-level site, and the frame’s document url.
  • They do not have storage access (e.g., cookies, localStorage, etc.) by default.
  • They may have access to some unpartitioned user data, for example, turtledove interest group.

According to Google, Fenced Frame will have read-only access to some unpartitioned storage, and the API will have a new element type. Fenced Frame is still in the prototype stage and has not yet entered the development stage. The actual situation is that Fenced Frame was recently added to the test build, indicating that Google plans to introduce this feature to the Chrome browser in the future.

Via: bleepingcomputer