Google Chrome 5, the latest iteration of Google’s Web browser, is using a new HTML5 feature to help Web developers improve security.
Google released the updated Chrome browser May 24 with support for a sandbox attribute in iframes that allows developers to reduce the privileges of parts of their Web pages.
The sandbox attribute has been highlighted before as a way developers can boost security. Chris Wysopal, CTO of Veracode, discussed the feature with eWEEK in an article about HTML5 security, and noted the feature could help protect against malicious third-party ads.
In a May 27 post on the Chromium blog, Google Software Engineer Adam Barth explained:
““When displaying untrusted.html in a sandboxed iframe, the browser renders untrusted.html with reduced privileges (e.g., disabling JavaScript and popups), similar in spirit to how Google Chrome sandboxes its rendering engine.”“
Among other things, with sandboxing implemented, iframes cannot access execute scripts or read or write cookies, SQL databases or local storage.
Barth continued:
““You can give untrusted.html some of its privileges back by whitelisting the privileges in the value of the sandbox attribute. … Because @sandbox is a white list, the browser still imposes the remainder of the sandbox restrictions on untrusted.html. For example, untrusted.html does not have the privilege to create popup windows or instantiate plug-ins.”“
Developers using the feature should think carefully about how legacy browsers will interpret their HTML, he advised.
“The easiest way to use @sandbox is for ‘defense-in-depth,'” he added. “Instead of relying upon @sandbox as your only line of defense, you can use it as an additional security mitigation in case your first line of defense (such as output encoding) fails. Because legacy browsers ignore attributes they do not understand, you can add @sandbox to existing iframes and improve security for users of newer browsers.”