say i do a google search and dragon preloads the first 3 results in the background. can these preloaded pages infect me if they are malicious?
if they can’t then what does the browser do to prevent them from infecting me? also does dragon sandbox preloaded pages?
As with any other Chrome based browser, Dragon uses DNS-Prefetch, TCP-Preconnect and Prerendering by default. Personally, I’d disable Prerendering if only for privacy reasons.
Web Developer’s Guide to Prerendering in Chrome
Chrome Prerendering - The Chromium Projects
do you know if prerendered pages are sandboxed
I’m not aware if they’re sandboxed or not. I guess it will all depend if the prerenderer is running in the same security context as the normal Chrome renderers.
That said, in the links I provided it states: (Mutations to shared local storage)
A third option is to have a local storage sandbox while the page is prerendered, and attempt to transactionally commit changes to the shared local storage when the page becomes activated. See https://sites.google.com/a/chromium.org/dev/developers/design-documents/cookies-and-prerender for some thoughts about how to do this for Cookies.
Also: (Situations in which prerendering is aborted )
In some cases while prerendering a site Chrome may run into a situation that could potentially lead to user-visible behavior that is incorrect. In those cases, the prerender will be silently aborted. Some of these cases include:…
Pages that trigger the malware warning
…
I guess you could always the post a question at the Chromium Prerender group…
Edit: It appears a similar question has already been asked, but the answer is less than definitive:
Lot’s of these types of comment about, if you search…
http://noodleonthis.com/2011/06/29/google-chrome-and-instant-pages-a-hackers-new-best-friend/
to disable prerender you go to wrench->options->under hood->and uncheck predict network actions correct?
Correct.