Reading a user’s web history via CSS

Slashdot ran an interesting story titled: “76% Web Users Affected by Browser History Stealing“. NoScript alone can’t save you from this one. The truly amazing part is that it’s been around for 10 years and it’s STILL a known problem with modern web browsers.

There’s a great proof-of-concept site here which will conduct the history leak on your browser. There’s 2 ways it can do this: Javascript and CSS. I’ve been aware of the Javascript method for years, but I’ve only heard about a possible way of doing this with CSS (I’ve never seen it in action before).  That’s the part I found really cool.

From with regard to conducting this using CSS:

Using the :visited pseudoclass on a elements, it is possible to specify a background-url attribute which will make a request to the server if a particular link has been visited. We can thus achieve the same goal of determining visited links without using Javascript. For example:

	a#link1:visited { background-image: url(/log?link1_was_visited); }
	a#link2:visited { background-image: url(/log?link2_was_visited); }
<a href="" id="link1">
<a href="" id="link2"> 

The site even does a write up on solutions to help avoid this (here):
For a quick fix: Firefox or Chrome users, you have private browsing mode or incognito mode respectively.

If you run Internet Explorer (which you should never do), there’s not a whole lot you can do aside from disabling CSS, which will break most websites today.  For prevention methods in IE, Microsoft has an MSDN article for you here.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this:
search previous next tag category expand menu location phone mail time cart zoom edit close