去年提到的「Google Chrome 要藉由拆開 HTTP Cache 提昇隱私」在最近推出的 Chrome 86 預設生效了:「Chrome changes how its cache system works to improve privacy」。
在 Google 的文章「Gaining security and privacy by partitioning the cache」這邊有提到不同瀏覽器都有打算要支援類似的架構,對應的差異:
Is this standardized? Do other browsers behave differently?
"HTTP cache partitions" is standardized in the fetch spec though browsers behave differently:
- Chrome: Uses top-level scheme://eTLD+1 and frame scheme://eTLD+1
- Safari: Uses top-level eTLD+1
- Firefox: Planning to implement with top-level scheme://eTLD+1 and considering including a second key like Chrome
文章裡面看到了有趣的東西,是他提到了 Fetch 這個標準,然後是在「2.7. HTTP cache partitions」這邊出現了對應的說明:
To determine the HTTP cache partition, given request, run these steps:
Let key be the result of determining the network partition key given request.
If key is null, then return null.
Return the unique HTTP cache associated with key. [HTTP-CACHING]
所以看起來是訂 Fetch 時寫下一套方法,然後拿來擴大套用到整個瀏覽器...
One thought on “Google Chrome 的 Cache Partition 生效”