IE8 'isolates frame process from the tabs processes' Microsoft

Andy Ziegler, published an interesting post going into some technical details about how Internet Explorer keeps tabs separate from one another. First, tab isolation is a reliability feature; if one tab crashes, you don’t want to lose all your other tabs. And second, it’s also a security feature, one that browser developers have been wrestling […]

Andy Ziegler, published an interesting post going into some technical details about how Internet Explorer keeps tabs separate from one another. First, tab isolation is a reliability feature; if one tab crashes, you don’t want to lose all your other tabs. And second, it’s also a security feature, one that browser developers have been wrestling with for years in the form of cross-site scripting and other attacks. There’re two different implementations available today, each with different benefits. In a tabbed browser without isolation, a problem in one tab can crash the entire browser. For example, a crash in a webpage in Firefox 3.6 or IE7 will bring down the entire browser. “IE8 isolates ‘frame process’ (title bar, back button, address bar, etc.) from ‘tabs processes’ (that show web pages). If anything causes a site to crash, the frame and other tab processes willn’t crash. IE isolates the whole tab – all of its code, data, and extensions – to keep IE resilient to webpages with issues. In addition to using multiple processes, IE8 on Windows 7 and Vista (and IE7 on Vista) sandboxes the tab processes in Protected Mode for security reasons. Specifically, tabs run without permissions to install software, modify settings, or change files of any user.”

More info: Tab Isolation