Extending the Same Origin Policy with Origin Attributes

1 December 2017
Privacy, security & tracking
Overview

The Same Origin Policy (SOP) forms the foundation of the current web security model. As the web evolves, numerous new specifications propose extensions to the SOP in order to improve site security or user privacy. Site operators benefit from an extension to the SOP because it allows sites to partition their physical origin space into many different contexts, each representing its own abstract origin. Users benefit from an extension to the SOP because it allows them to separate user data for privacy purposes and enables richer browsing experiences. Implementing any of these new features requires tremendous engineering effort from browser vendors and entails the risk of introducing new privacy-related vulnerabilities for end users.

Instead of spending considerable engineering effort to patch the browser for every new specification that proposes to extend the SOP, we re-design a web browser's architecture and build Origin Attributes directly into a browser's rendering engine. Our implementation allows any specification or web technology to integrate into Origin Attributes with minimal engineering effort and reduces the risk of jeopardizing an end user's security or privacy.
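
The idea of partitioning one physical origin into several abstract origins can be sketched as a toy model. This is an added example, not code from the paper or from any browser; the attribute name ("container"), the "^" separator and all function names are assumptions made for illustration.

```javascript
// Toy model (added illustration): an origin is the classic
// (scheme, host, port) triple plus a map of attributes.
// Attribute names and the "^" separator are hypothetical choices.
const DEFAULT_PORTS = { "http:": "80", "https:": "443" };

function makeOrigin(url, attrs = {}) {
  const u = new URL(url);
  return {
    scheme: u.protocol,
    host: u.hostname,
    port: u.port || DEFAULT_PORTS[u.protocol] || "",
    attrs: { ...attrs },
  };
}

// Canonical form: attributes sorted by key so equal maps serialize equally.
function serialize(o) {
  const suffix = Object.keys(o.attrs).sort()
    .map((k) => `${encodeURIComponent(k)}=${encodeURIComponent(o.attrs[k])}`)
    .join("&");
  const base = `${o.scheme}//${o.host}:${o.port}`;
  return suffix ? `${base}^${suffix}` : base;
}

// Classic SOP comparison: the triple only.
function samePhysicalOrigin(a, b) {
  return a.scheme === b.scheme && a.host === b.host && a.port === b.port;
}

// Extended comparison: the triple and every attribute must match.
function sameOrigin(a, b) {
  return serialize(a) === serialize(b);
}

// Storage keyed by the extended origin: each abstract origin gets its own
// jar, so data written in one context is invisible to another context on
// the same physical origin.
class PartitionedStore {
  constructor() { this.jars = new Map(); }
  set(origin, key, value) {
    const id = serialize(origin);
    if (!this.jars.has(id)) this.jars.set(id, new Map());
    this.jars.get(id).set(key, value);
  }
  get(origin, key) {
    const jar = this.jars.get(serialize(origin));
    return jar ? jar.get(key) : undefined;
  }
}
```

Because every lookup goes through the single serialized key, a new kind of partition only has to add an attribute; the comparison and storage code stay unchanged.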