How to return for special querys a predefined value
Hi guys,
years ago you have been able to read out the browserhistory of a user through bruteforcing the visited links with a link list, css and js.
Meanwhile is this hack stopped the .getComputedStyle will be always as if the user never visited the a special link.
Nowadays we can still read out the browserhistory of users.
Example 1 (on which Im currently working on and where I need support): Through collecting cookies and reading out the domains they belong to we are still able to collect browserhistorys of users.
To stop it Im looking for a similar method like the predefined Value for .getComputedStyle with the CSS hack.
In generell Im trying to do if a javascript calls a cookie from a different Domain to return a predefined value.
Kind regards
Suad
Všechny odpovědi (1)
How does a script read cookies from a different domain?
- https://developer.mozilla.org/docs/Web/API/Document/cookie
- https://developer.mozilla.org/docs/Web/Security/Same-origin_policy
If you have discovered a bug in same-origin enforcement, you should file it here and mark it security-sensitive: