With CSS website designers can make links a different color if they have been visited by the user. For example this link should be colored differently than this other link. The first link you have been to before (it?s the page you are on right now) while the second link you have never visited (because it is fictitious). Now you?re thinking ?but how can this be used to steal my history??. Let?s dive a little deeper.
Example Code
The code to do this examination can be a little tricky due to cross browser issues. Here is a snippet of Javascript that can do the evaluation (based on the Hey you! Where have you been? blog post by Peter van der Graaf and script from Jeremiah Grossman and Robert Cabri):
function hasLinkBeenVisited(url) {
var link = document.createElement('a');
link.href = url;
document.body.appendChild(link);
if (link.currentStyle) {
var color = link.currentStyle.color;
if (color == '#ff0000')
return true;
return false;
} else {
link.setAttribute("href",url);
var computed_style = document.defaultView.getComputedStyle( link, null );
if (computed_style) {
if (computed_style.color == 'rgb(255, 0, 0)')
return true;
}
return false;
}
}
How To Stop People From Spying On Your Browser History
There are two sure fire ways to stop people from stealing your browser history.
The nuclear option is to disable JavaScript within your browser. In Firefox
found on
http://www.merchantos.com/makebeta/tools/spyjax/
Click here to download:
spyjax_service.zip (616 KB)
0 Kommentare:
Kommentar veröffentlichen