The big thing these days are applications with interfaces that work with a web browser. This allows support across operating systems and devices by having the server to all the grunt work, with a standard interface that works on everything from desktop to mobile devices. All well and good. But tinkering with one had me thinking about information leakage between tabs and windows.
Here's the issue: An application is pulled up on the default browser. The user then looks up information on the web. This opens as a new tab, or a new window in the same browser. Now the browser had two different web sites open, one with the application, and one with the user looking up information.
Now, in the application window, the user types in his user name and password. Could this information be seen by the web site in the other tab or window?
I've tinkered with setting up different profiles, and while that kind of sort of works, and while Windows Task Manager shows different instances of the same browser, I'm not convinced there's no possibility of sharing information.
Anyone have any information on this? I have a sick feeling that the move toward web browser interfaces may be a bad thing.
Here's the issue: An application is pulled up on the default browser. The user then looks up information on the web. This opens as a new tab, or a new window in the same browser. Now the browser had two different web sites open, one with the application, and one with the user looking up information.
Now, in the application window, the user types in his user name and password. Could this information be seen by the web site in the other tab or window?
I've tinkered with setting up different profiles, and while that kind of sort of works, and while Windows Task Manager shows different instances of the same browser, I'm not convinced there's no possibility of sharing information.
Anyone have any information on this? I have a sick feeling that the move toward web browser interfaces may be a bad thing.