[CentOS] C5 : Firefox 38 bug
jd1008
jd1008 at gmail.com
Sat Jun 13 19:16:03 UTC 2015
On 06/12/2015 01:01 PM, Gordon Messmer wrote:
> On 06/13/2015 11:11 AM, jd1008 wrote:
>> All your browsing history, all cookies ...etc are open books
>> as far as many javascripts are concerned.
>
> Javascript can use CSS attributes to see if you've visited a specific
> URL, which is unfortunate, but that's a long way from saying that your
> history is an open book. Javascript cannot directly access your
> history. A script cannot enumerate all of the sites you've visited,
> it can only test specific, complete URLs.
>
> As far as cookies go, you're even further from the truth. A script
> can only access cookies whose domain matches the origin of the script.
Your final line is not true.
More information about the CentOS
mailing list