Chrome to block tab-nabbing attacks

From zdnet.com

Chrome Logo

Google will deploy a new security feature in Chrome next year to prevent tab-nabbing, a type of web attack that allows newly opened tabs to hijack the original tab from where they were opened.

The new feature is scheduled to go live with Chrome 88, to be released in January 2021.

While the term “tab-nabbing” refers to a broad class of tab hijacking attacks [see OWASPWikipedia], Google is addressing a particular scenario.

This scenario refers to situations when users click on a link, and the link opens in a new tab (via the¬†“target=_blank”¬†attribute).

Read more…