search cancel

Web Isolation Client Application No Longer Cached For Every Domain

book

Article ID: 227966

calendar_today

Updated On:

Products

Web Isolation Web Isolation Cloud

Issue/Introduction

The web isolation client-logic triggers a download of application resources to the client on each first time browsing to a new top-level domain (previously, this was done once for all domains). Hence, this may cause additional delay in the first time loading of a site.

Cause

In March 2021, Google (Chrome 89) enabled by default a feature called “HTTP cache partitioning” for enhanced privacy, thus the impact on Web Isolation is that caching of the client-logic is now not shared across different site domains, but is cached per domain.

In parallel, Firefox also added this for version 86 (February 2021) in Strict Mode (called "Total Cookie Protection").

In Safari, this behavior has existed since 2013.

Resolution

No fix is available, only a workaround.

 

Disable HTTP cache partitioning by registry that adds this command line argument:

[HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome]
"AdditionalLaunchParameters"="--disable-features=SplitCacheByNetworkIsolationKey"

Additional Information

For more information on cache partitioning

Gaining security and privacy by partitioning the cache