Origin isolation

Origin isolation allows web developers to opt in to giving up certain cross-origin same-site access capabilities (namely synchronous scripting via document.domain, and sending SharedArrayBuffers via postMessage()). This allows browsers to potentially segregate the origin into its own process. The developer can also provide hints to the browser as to why they are doing so, in the hopes of guiding the browser's process allocation.

Site isolation, i.e. process-per-site, is the current state of the art in protecting websites from each other. Certain legacy features prevent us from aligning this protection boundary with the origin boundary. Origin isolation allows developers to voluntarily give up these legacy features, in exchange for better isolation. Reasons why a site may want better isolation include: performance isolation, allocations of large amounts of memory, side-channel protection (e.g. against Spectre), and improved memory measurement.

Documentation

Specification

Public discussion

Status in Chromium

Internals>Sandbox>SiteIsolation


In development (tracking bug)

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

  • No public signals
  • No public signals
  • No public signals
  • Positive

Owners

Last updated on 2020-01-15