A new privacy system developed by Google, Mozilla and researchers from University College London, Stanford Engineering and Chalmers aims to address an increasingly prevalent online security risk caused by websites that draw content from numerous sources.
Confinement with Origin Web Labels, or COWL for short, stops malicious code in a website from doing malicious things but without stopping a website from being able to display content from numerous websites as part of its service.
Pulling in elements from other sources in order to offer specific features is a key feature of a growing number of modern websites. It’s how price comparison or aggregation sites work for example — pulling in data from a host of sources and then displaying them in the browser.
COWL will be given to developers, for free, later this month so that they can incorporate it into the websites and automatically offer visitors an extra layer of online security.
Deian Stefan, lead PhD student on the project at Stanford, said: “What we’ve achieved in COWL is a system that lets web developers build feature-rich applications that combine data from different web sites without requiring that users share their login details directly with third-party web applications, all while ensuring that the user’s sensitive data seen by such an application doesn’t leave the browser. Both web developers and users win.”