Forgot your password?
typodupeerror
Security Privacy

Sniffing Browser History Without Javascript 216

Posted by kdawson
from the hole-in-css dept.
Ergasiophobia alerts us to a somewhat alarming technology demonstration, in which a Web site you visit generates a pretty good list of sites you have visited — without requiring JavaScript. NoScript will not protect you here. The only obvious drawbacks to this method are that it puts a load on your browser, and that it requires a list of Web sites to check against. "It actually works pretty simply — it is simpler than the JavaScript implementation. All it does is load a page (in a hidden iframe) which contains lots of links. If a link is visited, a background (which isn't really a background) is loaded as defined in the CSS. The 'background' image will log the information, and then store it (and, in this case, it is displayed to you)."
This discussion has been archived. No new comments can be posted.

Sniffing Browser History Without Javascript

Comments Filter:

When the weight of the paperwork equals the weight of the plane, the plane will fly. -- Donald Douglas

Working...