WebKittens
@annevk
Title of the proposal
Partitioning cross-site top-level navigations in the HTTP cache
URL to the spec
https://fetch.spec.whatwg.org/#http-cache-partitions
URL to the spec's repository
https://github.com/whatwg/fetch
Issue Tracker URL
No response
Explainer URL
No response
TAG Design Review URL
No response
Mozilla standards-positions issue URL
mozilla/standards-positions#1177
WebKit Bugzilla URL
No response
Radar URL
No response
Description
Chrome is planning to ship an update to its HTTP cache keying scheme that will include an “is-cross-site-top-level-navigation” boolean to mitigate cross-site leak attacks involving top-level navigations. Specifically, this will prevent cross-site attacks in which an attacker can initiate a top-level navigation to a given page and then navigate to a resource known to be loaded by the page in order to infer sensitive information via load timing. This change also improves privacy by preventing a malicious site from using navigations to infer whether a user has visited a given site previously. More information on this attack can be found at: https://xsleaks.dev/docs/attacks/navigations/#partitioned-http-cache-bypass
From a standards perspective, the spec calls for partitioning the HTTP cache by at least top-level site, but partitioning beyond that is implementation-defined. The relevant parts of the spec are:
IIUC, all browsers do partition by top-level site [1][2], but there hasn't been much recent progress on standardizing beyond that. Some existing differences I'm aware of:
Chrome also partitions by frame site and an "is-subframe-navigation" boolean
Firefox also partitions using an "is-cross-origin-fetch" boolean [3]
I've left a comment about this in whatwg/fetch#1035 (comment), but opening this as well to get a formal standards position. Thanks!
[1] https://developer.mozilla.org/en-US/docs/Web/Privacy/State_Partitioning#network_partitioning
[2] https://webkit.org/tracking-prevention/#partitioned-third-party-http-cache
[3] https://hg.mozilla.org/mozilla-central/rev/94ed4d6361b3
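A simplified model of the keying change described in this issue, added here as an illustration and not taken from the issue or from any browser's code: it compares a key built from top-level site and URL with one that also carries the "is-cross-site-top-level-navigation" boolean. Assumptions: the `siteOf` approximation, the request field names, the hosts, the treatment of a navigation with no initiator as not cross-site, and the omission of the frame-site and subframe components are all constructed for this example.

```javascript
// Simplified model of a partitioned HTTP cache key; not browser source code.
// Assumption: a "site" is the scheme plus the last two host labels. Real
// browsers consult the Public Suffix List instead.
function siteOf(url) {
  const u = new URL(url);
  return `${u.protocol}//${u.hostname.split(".").slice(-2).join(".")}`;
}

// req fields (hypothetical names): url, topLevelUrl, initiatorUrl (null when
// the browser itself started the load), isTopLevelNavigation.
function cacheKey(req, withNavigationBit) {
  const parts = [siteOf(req.topLevelUrl)];
  if (withNavigationBit) {
    const crossSiteNav =
      req.isTopLevelNavigation &&
      req.initiatorUrl !== null &&
      siteOf(req.initiatorUrl) !== siteOf(req.url);
    parts.push(`is-cross-site-top-level-navigation=${crossSiteNav}`);
  }
  parts.push(req.url);
  return parts.join(" ");
}

// Constructed scenario: a page on victim.example loads a subresource, then a
// top-level navigation to that same URL is started by `initiatorUrl`.
// Returns true when the navigation would be served from the cache entry
// that the page's subresource load created.
function navigationReusesEntry(initiatorUrl, withNavigationBit) {
  const resource = "https://static.victim.example/profile.js";
  const cache = new Map();

  const subresourceLoad = {
    url: resource,
    topLevelUrl: "https://victim.example/account",
    initiatorUrl: "https://victim.example/account",
    isTopLevelNavigation: false,
  };
  cache.set(cacheKey(subresourceLoad, withNavigationBit), "cached response");

  const navigation = {
    url: resource,
    topLevelUrl: resource, // a top-level navigation's top-level site is its own
    initiatorUrl,
    isTopLevelNavigation: true,
  };
  return cache.has(cacheKey(navigation, withNavigationBit));
}
```

With only top-level-site keying, the navigation started from another site lands on the entry the page created; with the extra boolean it gets a separate entry, while same-site navigations keep sharing the cache.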