Category Archives: browsers

Specifying Per-Site Policy with Chromium’s URL Filter Format

Chromium-based browsers like Microsoft Edge make very limited use of Windows Security Zones. Instead, most permissions and features that offer administrators per-site configuration via policy rely on lists of rules in the URL Filter Format. Filters are expressed in a syntax (Chrome Doc, Edge Doc) that is similar to other types of globbing rules, butContinue reading “Specifying Per-Site Policy with Chromium’s URL Filter Format”

Web Proxy Authentication

Last year, I wrote about how the new Microsoft Edge’s adoption of the Chromium stack changed proxy determination away from the Windows Service (WinHTTP Proxy Service) to similar but not identical code in Chromium. This change mostly goes unnoticed, but it can have performance and functionality implications. In today’s post, I want to explore anotherContinue reading “Web Proxy Authentication”

window.close() Restrictions

Sometimes, Web Developers are surprised to find that the window.close() API doesn’t always close the browser window. When looking at the Developer Tools console, they’ll see a message like: Scripts may close only the windows that were opened by them. Why Do Browsers Limit close()? Before we dive into what factors govern what happens whenContinue reading “window.close() Restrictions”

Sandboxing vs. Elevated Browsing (As Administrator)

The Web Browser is the most security-critical application on most users’ systems– it accepts untrusted input from servers anywhere in the world, parses that input using dozens to hundreds of parsers, and renders the result locally as fast as it can. For performance reasons, almost all code in almost all browsers is written in memory-unsafeContinue reading “Sandboxing vs. Elevated Browsing (As Administrator)”

Simply Making Simple Fixes Simple for Chromium

Google recently introduced a cool web-based editing tool for Chromium source code, a very stripped down version of the Willy Wonka tooling Googlers get to use for non-Chromium projects. I’ve used this tool to submit two trivial change lists (CLs, aka PRs) to Chromium, but I was curious about whether this new feature would workContinue reading “Simply Making Simple Fixes Simple for Chromium”