Not logged in
Log in now
Create an account
Subscribe to LWN
LWN.net Weekly Edition for December 5, 2013
Deadline scheduling: coming soon?
LWN.net Weekly Edition for November 27, 2013
ACPI for ARM?
LWN.net Weekly Edition for November 21, 2013
Couldn't you add a data tainting mechanism to JS/DOM, such that the client
side can use the history, but nothing derived from it can be sent to a
Leaking browser history
Posted Jun 26, 2008 20:12 UTC (Thu) by mrshiny (subscriber, #4266)
The problem is that you can deduce the status of visited links indirectly without accessing
the link in the dom. This is because a link which contains text is rendered in a way that
takes up space on the page. If a visited link changes the size of its container you'd be able
to deduce that a link was visited by examining the container. You'd need to taint the entire
dom at that point.
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds