User: Password:
Subscribe / Log in / New account

Leaking browser history

Leaking browser history

Posted Jun 26, 2008 20:12 UTC (Thu) by mrshiny (subscriber, #4266)
In reply to: Leaking browser history by johnkarp
Parent article: Leaking browser history

The problem is that you can deduce the status of visited links indirectly without accessing
the link in the dom.  This is because a link which contains text is rendered in a way that
takes up space on the page.  If a visited link changes the size of its container you'd be able
to deduce that a link was visited by examining the container.  You'd need to taint the entire
dom at that point.

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds