October 1, 2020
In order to defend against cache probing attacks, browser developers are actively working on implementing a partitioned HTTP cache, which in essence ensures that each website has a distinct cache. Since cache probing relies on the fact that a browser's HTTP cache is shared across every website, a partitioned HTTP cache can defend against many cache probing techniques. This is done by using a tuple as the cache key, either (top-frame-site, resource-url) as in Firefox [1] or (top-frame-site, framing-site, resource-url) as in Chromium/Chrome [2], so that the cache is partitioned by the requesting site.
...
October 1, 2020
SameSite cookies are one of the most impactful modern security mechanisms for fixing security issues that involve cross-site requests. This mechanism allows applications to force browsers to only include cookies in requests that are issued same-site [1]. This type of cookie has three modes: None, Lax, and Strict.
SameSite Cookie Modes
The following SameSite cookie modes are available:
None – Disables all protections and restores the old behavior of cookies.
...
October 1, 2020
The fundamental idea behind designing protections for subresources is that subresources cannot be targeted by XS-Leaks if the attacker cannot make them return any user data. If implemented correctly, this approach can be a very strong defense, though it is likely to be tough to implement and could negatively impact the user experience.
Tip: It can be very effective to deploy this approach on any specific resources that are known to be especially sensitive to XS-Leaks.
...
Document-Policy is an experimental mechanism, similar to the equally experimental Feature Policy [1], used to cover features that are more about configuring a document, or removing features (sandboxing) from a document or a frame [2]. It can, for example, be set in a response header as shown in the example below.
Example:
Document-Policy: unsized-media=?0, document-write=?0, max-image-bpp=2.0, frame-loading=lazy
ForceLoadAtTop
The ForceLoadAtTop feature provides an opt-out for Scroll To Text (and other load-on-scroll behaviors) for privacy-sensitive sites.
...