• Home
  • Apps
  • Apps News
  • Google Chrome Will Get New Feature to Stop JavaScript Based ‘Tab Napping’ Attacks: Report

Google Chrome Will Get New Feature to Stop JavaScript Based ‘Tab-Napping’ Attacks: Report

Google Chrome Canary, the version of Chrome for developers, already got this feature.

Share on Facebook Tweet Snapchat Share Reddit Comment
Google Chrome Will Get New Feature to Stop JavaScript Based ‘Tab-Napping’ Attacks: Report

Google Chrome is said to get this feature in January next year

Highlights
  • Google Chrome will become more secure when opening links in new tabs
  • Google Chrome will get ‘tab-napping’ prevention in January 2021
  • The feature has already made its way to Chrome Canary

Google Chrome is getting a new feature that improves security for pages that open in a new tab, says a report. The vulnerability Google is fixing, is a kind of ‘tab-napping' where a page would be opened in legitimate tab, and your original page would be redirected. The new page would open a legitimate page, but the page you left would still be accessible and would redirect to a malicious page that could harm your computer or be used to phish you for passwords or payment information.

A report by Bleeping Computer states that to prevent ‘tab-napping', a new attribute called rel=”noopener” has been created that stops the newly opened tab from using JavaScript, preventing it from further redirecting user to a different URL.

As per the report, a note by Microsoft Edge developer Eric Lawrence states, “To mitigate ‘tab-napping' attacks, in which a new tab/ window opened by a victim context may navigate that opener context, the HTML standard changed to specify that anchors that target_blank should behave as if |rel=”noopener”| is set. A page wishing to opt out of this behavior may set |rel=”opener”|.”

The report adds that this feature has been added to Chrome Canary — Chrome's experimental model primarily for developers — and will make its way to the stable public version by January next year.

Back in 2018, Apple and Mozilla made some changes to Safari and Firefox to make links more secure, according to the report. It added a function that automatically added the ‘noopener' attribute to links that had target=”_blank” in them. Here, the browser automatically secured the URLs that don't have ‘noopener' attribute in them.

Last week, Eric Lawrence brought this feature to Chromium which means that it will be added to Microsoft Edge, Google Chrome, Brave, and other Chromium-based browsers.


Which is the best TV under Rs. 25,000? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts, Google Podcasts, or RSS, download the episode, or just hit the play button below.

 

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Vineet Washington Vineet Washington writes about gaming, smartphones, audio devices, and new technologies for Gadgets 360, out of Delhi. Vineet is a Senior Sub-editor for Gadgets 360, and has frequently written about gaming on all platforms and new developments in the world of smartphones. In his free time, Vineet likes to play video games, make clay models, play the guitar, watch sketch-comedy, and anime. Vineet is available on vineetw@ndtv.com, so please send in your leads and tips. More
iPhone 11 Is Most Shipped Smartphone Globally in Q3 but Samsung Dominated Top 10 Shipping Smartphones: Canalys

Related Stories

 
 

Advertisement

Advertisement

© Copyright Red Pixels Ventures Limited 2020. All rights reserved.
Listen to the latest songs, only on JioSaavn.com