Google is thinking of restricting its Chrome browser’s ability to look at local Web pages to tighten the Web browser’s security.

According to Information Week , insider attacks tend to pose a greater computer security risk than external ones because insiders have greater systems access privileges.

In the last security fix for a vulnerability that allowed downloaded HTML files to read other local files and send them out to the Internet there was a clue to Google’s thinking on the problem.

Part of the fix included preventing local files from connecting to the Web with an XMLHttpRequest(), a widely used means of sending text data from Web browsers to Web servers.

Now in the Chromium Blog, Google engineer Adam Barth suggested that engineers wanted to extend this sort of restriction and wants additional restrictions on local Web pages.

This could include directory-based restrictions or preventing local Web pages from sending information to the Internet across a broader set of protocols.

Google does not like Microsoft’s technique of disabling JavaScript with an ‘infobar’ override. It thinks that users are too dumb to understand the security implications of re-enabling JavaScript.

However if Chrome does become that inflexible offline Web applications, like the open source TiddlyWiki, which relies on local HTML pages, could become useless. X