Buscar en Ayuda

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

How to return for special querys a predefined value

more options

Hi guys,

years ago you have been able to read out the browserhistory of a user through bruteforcing the visited links with a link list, css and js.

Meanwhile is this hack stopped the .getComputedStyle will be always as if the user never visited the a special link.

Nowadays we can still read out the browserhistory of users.

Example 1 (on which Im currently working on and where I need support): Through collecting cookies and reading out the domains they belong to we are still able to collect browserhistorys of users.

To stop it Im looking for a similar method like the predefined Value for .getComputedStyle with the CSS hack.

In generell Im trying to do if a javascript calls a cookie from a different Domain to return a predefined value.

Kind regards

Suad

Hi guys, years ago you have been able to read out the browserhistory of a user through bruteforcing the visited links with a link list, css and js. Meanwhile is this hack stopped the .getComputedStyle will be always as if the user never visited the a special link. Nowadays we can still read out the browserhistory of users. Example 1 (on which Im currently working on and where I need support): Through collecting cookies and reading out the domains they belong to we are still able to collect browserhistorys of users. To stop it Im looking for a similar method like the predefined Value for .getComputedStyle with the CSS hack. In generell Im trying to do if a javascript calls a cookie from a different Domain to return a predefined value. Kind regards Suad

Todas las respuestas (1)

more options

How does a script read cookies from a different domain?

If you have discovered a bug in same-origin enforcement, you should file it here and mark it security-sensitive:

https://bugzilla.mozilla.org/