Closed
Bug 224954
Opened 21 years ago
Closed 21 years ago
CSS allows to check history via :visited
Categories
(Core :: Security, defect)
VERIFIED
DUPLICATE
of bug 147777
People
(Reporter: zbraniecki, Assigned: security-bugs)
Details
Attachments
(1 file)
1.39 KB,
text/html
There is a hole in Mozilla's CSS :visited anchor support allowing any potential script to check if the user visited some pages and, of course, silently send that information anywhere. How does it work? The script has to create an anchor and check if its color is the same as the a:visited one. If so, the page was visited. Of course it doesn't give access to the whole history, but it's still a very, very big hole. For example, I can check if a visitor visited my sponsor site and, if not, I won't allow him to visit my site.

Steps to reproduce:
1) Open Attachment

Actual result: Script can tell me what pages I visited

Expected result: Script shouldn't have access to personal data like history. Maybe links should be colorized, but the color value should stay?
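The expected result in the description (links still colored, but the value a script reads stays the same), as an added example that is not part of the bug report or of Mozilla's code. It is a small Node.js model with hypothetical function names and a constructed history set, comparing what page script can infer under the reported behaviour and under the expected one.

```javascript
// Constructed model, not browser code: every name below is hypothetical.
const STYLE = { link: "rgb(0, 0, 238)", visited: "rgb(85, 26, 139)" };

// Constructed sample history for the model.
const visitedHistory = new Set([
  "https://sponsor.example/",
  "https://bank.example/login",
]);

function isVisited(url) {
  return visitedHistory.has(url);
}

// Color the renderer paints with: always reflects the real history state.
function paintedColor(url) {
  return isVisited(url) ? STYLE.visited : STYLE.link;
}

// Color reported back to page script.
// reportUnvisited = false: behaviour in the report (script sees the real state).
// reportUnvisited = true: expected behaviour (value stays at the unvisited color).
function scriptVisibleColor(url, reportUnvisited) {
  return reportUnvisited ? STYLE.link : paintedColor(url);
}

// What a page can infer about a list of URLs from script-visible values alone.
function inferVisited(urls, reportUnvisited) {
  return urls.filter(
    (u) => scriptVisibleColor(u, reportUnvisited) === STYLE.visited
  );
}

// Regression-style check: true if the script-visible output varies with history.
function leaksHistory(urls, reportUnvisited) {
  const seen = new Set(urls.map((u) => scriptVisibleColor(u, reportUnvisited)));
  return seen.size > 1;
}

// Constructed probe list: one URL in the history, one not.
const probes = ["https://sponsor.example/", "https://never-seen.example/"];
console.log("reported:", inferVisited(probes, false), leaksHistory(probes, false));
console.log("expected:", inferVisited(probes, true), leaksHistory(probes, true));
console.log("still painted as visited:", paintedColor(probes[0]) === STYLE.visited);
```

A check like `leaksHistory` is the property worth keeping under test: the user still sees the visited color, while nothing script-readable differs between a visited and an unvisited link.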
Reporter
Comment 1•21 years ago
Comment 2•21 years ago
*** This bug has been marked as a duplicate of 147777 ***
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → DUPLICATE
Updated•20 years ago
Status: RESOLVED → VERIFIED
Comment 3•17 years ago
Here's a site which demonstrates this security risk: http://gemal.dk/browserspy/css.html