[CentOS] C5 : Firefox 38 bug
jd1008
jd1008 at gmail.com
Sat Jun 13 19:11:15 UTC 2015
On 06/12/2015 01:01 PM, Gordon Messmer wrote:
> On 06/13/2015 11:11 AM, jd1008 wrote:
>> All your browsing history, all cookies ...etc are open books
>> as far as many javascripts are concerned.
>
> Javascript can use CSS attributes to see if you've visited a specific
> URL, which is unfortunate, but that's a long way from saying that your
> history is an open book. Javascript cannot directly access your
> history. A script cannot enumerate all of the sites you've visited,
> it can only test specific, complete URLs.
>
> As far as cookies go, you're even further from the truth. A script
> can only access cookies whose domain matches the origin of the script.
>
Why do you make such statements without knowing the intrinsics???
How in tarnation do you explain this:
http://www.google.com/safebrowsing/diagnostic?site=googleusercontent.com
Malware is installed where it can be executed.
Since that is the case, what makes you think JS cannot
access your browsing history??
More information about the CentOS
mailing list