Closed
Bug 547002
Opened 14 years ago
Closed 14 years ago
Browser history can be retraced by any website through the link coloring
Categories
(Firefox :: Security, defect)
Tracking
()
VERIFIED
DUPLICATE
of bug 147777
People
(Reporter: legreg_mozillaorg, Unassigned)
References
()
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 Firefox/3.5.7 (.NET CLR 3.5.30729) Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 Firefox/3.5.7 (.NET CLR 3.5.30729) It seems that some websites have found way to exploit the coloring of web links : They run javascript that checks whether a link is displayed in one color or another then they can tell that the user has visited the tested website. This sounds like a potential security hole that needs to be filled. Users expect that their browsing history is private rather than exposed to any random website that they visit. Reproducible: Always Steps to Reproduce: 1.Visit the provided link 2.it may find websites you've visited in the past if they're in your browser history. Actual Results: Website linked displays websites you have visited earlier. Expected Results: A random website should not have access to this information. Possible workaround is to prevent the browser to remember history between sessions or to clear it after each visited website but is not practical and some people like to remember their history.
Comment 1•14 years ago
|
||
very old news - please search before you file a bug
Status: UNCONFIRMED → RESOLVED
Closed: 14 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•