News: 0000826623

The Mozilla Hacks blog [1]covers some recent Firefox changes that will allow code from web sites to use shared memory and high-resolution timers in a (hopefully) safe manner. " Together with others in the WHATWG community, we designed a set of headers that meet these requirements. The Cross-Origin-Opener-Policy header allows you to process-isolate yourself from attackers. It also has the desirable effect that attackers cannot have access to your global object if they were to open you in a popup. This prevents XS-Leaks and various navigation attacks. Adopt this header even if you have no intention of using shared memory! "



[1] https://hacks.mozilla.org/2020/07/safely-reviving-shared-memory/