Prohledat stránky podpory

Vyhněte se podvodům. Za účelem poskytnutí podpory vás nikdy nežádáme, abyste zavolali nebo poslali SMS na nějaké telefonní číslo nebo abyste sdělili své osobní údaje. Jakékoliv podezřelé chování nám prosím nahlaste pomocí odkazu „Nahlásit zneužití“.

Zjistit více

How to return for special querys a predefined value

more options

Hi guys,

years ago you have been able to read out the browserhistory of a user through bruteforcing the visited links with a link list, css and js.

Meanwhile is this hack stopped the .getComputedStyle will be always as if the user never visited the a special link.

Nowadays we can still read out the browserhistory of users.

Example 1 (on which Im currently working on and where I need support): Through collecting cookies and reading out the domains they belong to we are still able to collect browserhistorys of users.

To stop it Im looking for a similar method like the predefined Value for .getComputedStyle with the CSS hack.

In generell Im trying to do if a javascript calls a cookie from a different Domain to return a predefined value.

Kind regards

Suad

Hi guys, years ago you have been able to read out the browserhistory of a user through bruteforcing the visited links with a link list, css and js. Meanwhile is this hack stopped the .getComputedStyle will be always as if the user never visited the a special link. Nowadays we can still read out the browserhistory of users. Example 1 (on which Im currently working on and where I need support): Through collecting cookies and reading out the domains they belong to we are still able to collect browserhistorys of users. To stop it Im looking for a similar method like the predefined Value for .getComputedStyle with the CSS hack. In generell Im trying to do if a javascript calls a cookie from a different Domain to return a predefined value. Kind regards Suad

Všechny odpovědi (1)

more options

How does a script read cookies from a different domain?

If you have discovered a bug in same-origin enforcement, you should file it here and mark it security-sensitive:

https://bugzilla.mozilla.org/