Hacker News new | past | comments | ask | show | jobs | submit login
Mozilla's CSS (and Chrome 6) :visited solution is still vulnerable (privacylog.blogspot.com)
5 points by revo_ads on Sept 7, 2010 | hide | past | favorite | 4 comments



Here the official ongoing discussions about the fix and general consequences on web :

http://hacks.mozilla.org/2010/03/privacy-related-changes-com...

https://bugzilla.mozilla.org/show_bug.cgi?id=147777


Oh, i managed to find a way to exploit this. Nice. Back to work Mozilla's team!


this http://whattheinternetknowsaboutyou.com/ already does not work anymore with Firefox 4 Beta and latest official Chrome release.


I confirm this. http://privacylog.blogspot.com/2010/08/mozillas-css-visited-... is still able to detect if i visited a link, on both Firefox 4 beta and Chrome 6. But i don't think it is a threat because Mozilla and Google also blocked document.getElementById(x).style.color. So wouldn't this be practically unexploitable ?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: