There has been a silent update of Opera 20, which may have gone unnoticed but it sees some interesting security changes.
The first change is to what is known as the ‘badge’, or the icon that sits to the left of the address field. Opera 20 was given an additional icon, which was a padlock with a red cross over it, signifying a web page that had tried to be secure but had failed. However users were reporting confusion and skepticism so this has now been removed in the latest 20.0.1387.77 version. Opera has said that with some more work and improvements, it may re-introduce this extra badge at a later date.
The second change is that Opera 20.0.1387.77 no longer supports CSP 1.1, following a report from a user that CSP 1.1 leaks large amounts of information cross domain and stated that could be used to discover information about visitors’ relationships with other sites. Opera are keen to address this security issue and is now involved with a discussion in the Web Application Security Working Group, in order to improve security.
[Image via five-alive]