Was Webentwickler im Bezug auf die Spectre Sicherheitslücke beachten sollten



  • Web developers should consider the following advice to best protect their sites:

    Where possible, prevent cookies from entering the renderer process' memory by using the SameSite and HTTPOnly cookie attributes, and by avoiding reading from document.cookie.

    Make sure your MIME types are correct and specify an X-Content-Type-Options: nosniff header for any URLs with user-specific or sensitive content, to get the most out of cross-site document blocking for users who have Site Isolation enabled.

    Quelle: https://www.chromium.org/Home/chromium-security/ssca


Log in to reply