Site isolation
Opened this issue · 0 comments
awesomekling commented
We should implement site isolation, where each site (scheme + domain + port) gets its own WebContent process, and code from each origin only runs in that process.
When one site embeds an iframe from another site, we'll have two WebContent processes who will have to coordinate communication, layout, rendering, input, etc.
Here's how they've done it in Chromium:
https://www.chromium.org/Home/chromium-security/site-isolation/