‘Fenced Frames’ is a New Security and Privacy Feature

Google is adding a new security feature called ‘Fenced Frames.’ These are frames isolated from their embedding page to prevent cross-site information from joining.

Google is currently working on this feature and we will soon see an experimental Chrome flag to test Fenced Frames.

Enable the < fencedframe > element: Fenced frames are an experimental web platform feature that allows embedding an isolated top-level page. See https://github.com/shivanigithub/fenced-frame.

Fenced Frames

That name gives away a lot, right? According to the Github page for this project:

“The fenced frame enforces a boundary between the embedding page and the cross-site embedded document such that user data visible to the two sites is not able to be joined together. This can be helpful in preventing user tracking or other privacy threats.”

Also, as the document suggests, ‘Since this proposal introduces a new HTML element, there may be some concerns and interoperability risks from the ads ecosystem or other browsers’

Average Chrome users will not notice this change. However, this will be a huge improvement to browser security and online privacy.

Summary

Fenced Frames will be added to Blink, Chrome’s rendering engine. This means any Chromium based browser, including Microsoft Edge, will get benefits of this feature.

You can track the status and progress of this feature here. If you are a developer, find the design document here.

Source: Chromium Gerrit.


Leave a ReplyCancel reply