The report has said that Google Chrome is going to get the latest feature that enhances security for pages that open in a new tab. The susceptibility is fixed by the company and is a kind of ‘tab-napping’ where a page will be opened in a genuine tab, and the user’s original page would be redirected. The new page will open a valid page, but the page that they left will still be available and would redirect to a spiteful page that could potentially harm their computer or it could be used to phish the user for giving their passwords or payment details.
Image from Google
According to the report, it has been stated that to alleviate ‘tab-napping’ attacks, in which a new tab or a window can be opened by a victim context might steer that opener context, the HTML standard changed to stipulate that anchors that target blank should act as if |rel=”noopener”| is set. A page wishing to opt-out of this action might set |rel=” opener”|.”
The report has added that this feature has been added to Chrome Canary which is Chrome’s trial model chiefly for developers and it will make its way to the stable public version by 2021’s January.
In the year 2018, Apple and Mozilla had made few alterations to Safari and Firefox to make links safer, as per the report. It had added a function that automatically adds the ‘noopener’ attribute to links that had target=”_blank” in them. Here, the browser routinely secures the URLs that don’t have the ‘noopener’ attribute in them.
The former week, someone brought this feature to Chromium which means that it would be added to browsers like Microsoft Edge, Google Chrome, Brave, and other Chromium-based browsers.