Open Bug 1723801 Opened 1 year ago Updated 1 year ago

Isolate COOP sites using Android Fission


(Core :: DOM: Content Processes, enhancement)





(Reporter: cpeterson, Unassigned)



(Whiteboard: [fission:android:m3])

Google announced:

Chrome [92] will now trigger Site Isolation based on the new Cross-Origin-Opener-Policy (COOP) response header. Supported since Chrome 83, this header allows operators of security-conscious websites to request a new browsing context group for certain HTML documents.
Site Isolation will treat non-default values of the COOP header on any document as a signal that the document's underlying site may have sensitive data and will start isolating such sites. Thus, site operators who wish to ensure their sites are protected by Site Isolation on Android can do so by serving COOP headers on their sites.

Implementing COOP site isolation in Gecko depends on the site isolation policy pref from bug 1723797.

Agi asked if COOP site isolation could land in Nightly 93 or 94.

No longer blocks: 1729640
You need to log in before you can comment on or make changes to this bug.