Cross-Origin Opener Policy (COOP)
What is Cross-Origin Opener Policy (COOP)?
An HTTP response header that lets a document opt into a separate browsing context group, so that cross-origin windows that opened it (or that it opened) cannot inspect or manipulate it through `window.opener` and related window handles.
Cross-Origin Opener Policy is a browser security header (`Cross-Origin-Opener-Policy`) that controls whether a top-level document shares a browsing context group with cross-origin openers and pop-ups. Values are `unsafe-none` (the default, fully shared), `same-origin-allow-popups` (isolates the document from its opener but lets it keep handles to pop-ups it opens that do not set COOP themselves) and `same-origin` (full isolation). When a navigation moves between documents whose COOP value or origin do not match, the browser places the new document in a fresh browsing context group: the opener's handle to the window reports `closed`, and the new document's `window.opener` is `null`. That defeats XS-Leaks which probe a cross-origin window through such a handle, for example counting its frames via `window.length` or detecting when it navigates. COOP is also a precondition for the cross-origin isolated state: together with COEP (`Cross-Origin-Embedder-Policy: require-corp`) it unlocks `SharedArrayBuffer`, higher-resolution timers and other features that were restricted after Spectre, and a page can confirm the state at runtime with `self.crossOriginIsolated`. COOP on its own is cheap to deploy and already blocks opener-based leaks; COEP `require-corp` is only needed for cross-origin isolation and it blocks every cross-origin subresource that does not opt in through CORS or a `Cross-Origin-Resource-Policy` header, so the pair is normally rolled out together only on applications that need those gated features.
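The decision described above, modelled in JavaScript as an added example (not code from the page, from any browser, or from the HTML Standard itself): it follows the standard's "matching cross-origin opener policies" and "browsing context group switch" steps and applies them to the attacker-opens-dashboard case and to the pop-up case that usually breaks on first deployment. The hostnames and the `attackerLosesHandle` / `openerKeepsPopup` helpers are constructed for illustration.

```javascript
'use strict';
// Added example: a model of the COOP browsing-context-group decision, used to
// show when an opener handle is severed. Not browser code; hostnames such as
// attacker.example and dashboard.example are constructed for this example.

const COOP_VALUES = new Set(['unsafe-none', 'same-origin-allow-popups', 'same-origin']);

// Parse a Cross-Origin-Opener-Policy header value. The header is fail-open: a
// missing, unknown or misspelled value behaves like unsafe-none. Parameters
// such as report-to="..." do not affect the policy decision.
function parseCoop(headerValue) {
  if (typeof headerValue !== 'string') return 'unsafe-none';
  const token = headerValue.split(';')[0].trim();
  return COOP_VALUES.has(token) ? token : 'unsafe-none';
}

function sameOrigin(a, b) {
  return new URL(a).origin === new URL(b).origin;
}

// Two documents may share a browsing context group only if both are
// unsafe-none, or both carry the same non-default value and are same-origin.
function coopMatches(currentCoop, currentOrigin, newCoop, newOrigin) {
  if (currentCoop === 'unsafe-none' && newCoop === 'unsafe-none') return true;
  if (currentCoop === 'unsafe-none' || newCoop === 'unsafe-none') return false;
  return currentCoop === newCoop && sameOrigin(currentOrigin, newOrigin);
}

// A group switch means the new document lands in its own browsing context
// group: the opener's handle reports closed and window.opener is null.
function requiresGroupSwitch({ currentCoop, currentOrigin, newCoop, newOrigin, isInitialAboutBlank = false }) {
  if (coopMatches(currentCoop, currentOrigin, newCoop, newOrigin)) return false;
  // The one exception: a same-origin-allow-popups document keeps its handle to
  // a pop-up it just opened (still initial about:blank) that navigates to an
  // unsafe-none page, e.g. a third-party sign-in window.
  if (isInitialAboutBlank && currentCoop === 'same-origin-allow-popups' && newCoop === 'unsafe-none') return false;
  return true;
}

// Scenario 1 (example 01 above): attacker.example calls window.open on
// dashboard.example. The fresh pop-up inherits the attacker's COOP
// (unsafe-none) and origin until it navigates. Returns true when the
// dashboard escapes the attacker's browsing context group.
function attackerLosesHandle(dashboardCoopHeader) {
  return requiresGroupSwitch({
    currentCoop: 'unsafe-none',
    currentOrigin: 'https://attacker.example',
    newCoop: parseCoop(dashboardCoopHeader),
    newOrigin: 'https://dashboard.example',
    isInitialAboutBlank: true,
  });
}

// Scenario 2: dashboard.example opens a pop-up to idp.example. Returns true
// when the dashboard keeps a usable handle to the pop-up, which
// postMessage-based sign-in flows depend on.
function openerKeepsPopup(dashboardCoopHeader, popupCoopHeader) {
  return !requiresGroupSwitch({
    currentCoop: parseCoop(dashboardCoopHeader),
    currentOrigin: 'https://dashboard.example',
    newCoop: parseCoop(popupCoopHeader),
    newOrigin: 'https://idp.example',
    isInitialAboutBlank: true,
  });
}

// Cross-origin isolation (self.crossOriginIsolated) needs both headers; COOP
// alone only severs opener relationships.
function isCrossOriginIsolated(coopHeader, coepHeader) {
  const coep = typeof coepHeader === 'string' ? coepHeader.split(';')[0].trim() : '';
  return parseCoop(coopHeader) === 'same-origin' && (coep === 'require-corp' || coep === 'credentialless');
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log('attacker loses handle, no COOP:           ', attackerLosesHandle(undefined));                        // false
  console.log('attacker loses handle, same-origin:       ', attackerLosesHandle('same-origin'));                    // true
  console.log('dashboard(same-origin) keeps IdP pop-up:  ', openerKeepsPopup('same-origin', undefined));            // false
  console.log('dashboard(allow-popups) keeps IdP pop-up: ', openerKeepsPopup('same-origin-allow-popups', undefined)); // true
  console.log('crossOriginIsolated with COOP only:       ', isCrossOriginIsolated('same-origin', undefined));        // false
}
```

The last two scenarios are the practical trade-off: `same-origin` is the right choice for a document that never needs a handle to a cross-origin pop-up, while an application that opens a third-party sign-in or payment window and expects `postMessage` replies must use `same-origin-allow-popups`, which still isolates it from whoever opened it.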
● Examples
- 01
An authenticated dashboard sets `Cross-Origin-Opener-Policy: same-origin` so that a window opened from an attacker site ends up in a separate browsing context group: the attacker's handle reports `closed` and cannot probe the dashboard's frame count, navigations or any other window property readable across origins.
- 02
A WASM-heavy app enables COOP and COEP together to qualify for cross-origin isolation and regain access to `SharedArrayBuffer`, after first making sure every cross-origin script, image and font it loads is served with CORS or `Cross-Origin-Resource-Policy` so that COEP `require-corp` does not block it.
● Frequently asked questions
What is Cross-Origin Opener Policy (COOP)?
An HTTP response header that lets a document opt into a separate browsing context group, so that cross-origin windows cannot inspect or manipulate it through `window.opener` and related window handles. It belongs to the application security category of cybersecurity.
How does Cross-Origin Opener Policy (COOP) work?
On every top-level navigation the browser compares the COOP value and origin of the document being left with those of the document being loaded. If both are `unsafe-none`, or both carry the same non-default value and are same-origin, they stay in one browsing context group; otherwise the new document gets its own group and every cross-origin opener handle is severed (the opener's reference reports `closed`, the new document's `window.opener` is `null`). `same-origin-allow-popups` adds one exception so that a document can keep handles to the non-COOP pop-ups it opens itself. With `Cross-Origin-Opener-Policy: same-origin` and `Cross-Origin-Embedder-Policy: require-corp` set together the document becomes cross-origin isolated and may use `SharedArrayBuffer` and the other features gated behind that state.
How is Cross-Origin Opener Policy (COOP) deployed?
Send the header on every top-level HTML response, since a document served without it is unprotected whatever the pages around it send. Roll it out with `Cross-Origin-Opener-Policy-Report-Only` and the Reporting API first if you need to find flows that would break, and look specifically for pop-up integrations such as third-party sign-in or payment windows that rely on `window.opener` or `postMessage` back to the opener: those need `same-origin-allow-popups` on the opener rather than `same-origin`. Add COEP only when cross-origin isolation is actually required, because `require-corp` blocks every cross-origin subresource that has not opted in.
What other names does Cross-Origin Opener Policy (COOP) go by?
Common aliases include: COOP.
● Related terms
- appsec№ 262
Cross-Origin Embedder Policy (COEP)
An HTTP response header that forces every cross-origin subresource a document loads to explicitly opt in via CORS or CORP, completing the cross-origin isolation prerequisites alongside COOP.
- appsec№ 237
Content Security Policy (CSP)
An HTTP response header that tells the browser which sources of scripts, styles, frames and other content may be loaded, limiting the impact of XSS and data injection attacks.
- appsec№ 552
HTTP security response headers
The set of response headers that instruct the browser to enforce defensive behaviour such as HTTPS enforcement, embedding restrictions, content policy and referrer control.
- appsec№ 1071
Same-Origin Policy (SOP)
The browser security rule that restricts how a document or script from one origin may interact with resources from a different origin.
- appsec№ 1164
Site Isolation
A Chromium security architecture that places documents from different sites in separate operating-system processes, so that a compromised renderer process cannot read cross-site data.
- vulnerabilities№ 1192
Spectre
A class of microarchitectural attacks that exploit CPU speculative execution to leak data across security boundaries through cache-based side channels.
● See also
- № 911 Permissions-Policy