Open-Source Wikis

/

Gecko

/

Features

/

Fission (site isolation)

mozilla/gecko-dev

Fission (site isolation)

Fission is the project that splits the renderer per eTLD+1 so different origins live in different content processes — even within a single tab when iframes are cross-origin. It mitigates Spectre-style cross-origin leaks and aligns Firefox with the threat model used by other modern browsers.

What changed

Before Fission, a Firefox tab corresponded to a single content process; iframes from third-party origins ran in the same process as the top-level page. With Fission, every cross-origin frame is hosted by its own out-of-process content process, with parents/children stitched together via IPC.

Implementation surface

Cross-process surfaces that had to change

API Old behavior Under Fission
window.parent.foo Synchronous direct access Cross-origin: synchronous null/throws; same-origin: handled via window proxy
postMessage Same process Routed across IPC
Storage events Process-local broadcast Synced via parent
document.domain Mutable host check Largely vestigial; cross-origin still isolated

Tuning

  • fission.autostart — global toggle.
  • dom.ipc.processCount.webIsolated — pool size for Fission processes.
  • fission.webContentIsolationStrategy — controls how aggressively to isolate.

Built by Factory AutoWiki from public repository content. It is a generated preview for codebase exploration, not source-maintained documentation.

Fission (site isolation) – Gecko wiki | Factory