All,
So, it's possible for websites to effectively query Firefox's viewing history by using :visited in CSS.
Example: http://gemal.dk/browserspy/css.html
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=147777
Further discussion: https://bugzilla.mozilla.org/show_bug.cgi?id=57351
Isn't this an absolutely <b>huge</b> privacy hole? Shouldn't the world be told?
Bug 147777 has been unresolved for 3 years, primarily due to the complexities discussed toward the bottom of its page.
Thanks,
Wodow
Privacy: sites can see browser history (css, visited)
-
- Posts: 13
- Joined: July 4th, 2005, 6:57 am
-
- Posts: 4941
- Joined: July 31st, 2003, 1:26 pm
-
- Posts: 365
- Joined: July 31st, 2005, 4:34 pm
-
- Posts: 3
- Joined: August 2nd, 2005, 8:50 am
hi wodow.i have always disabled history even when i used ie. i even put cach to o and if i need something that i wanted in past i have it on floppy or a tect doc. in the privacy options i have all off.does not hender my work in any way.just another securiy flaw u dont have to worry about. i do turn on history sometimes when looking for drivers etc,but clear it when done heavy searching. there wont be a perfect browser but do what i have to do to keep my privacy.this is still far better than ie flaws.
becker1
becker1
-
- Posts: 13
- Joined: July 4th, 2005, 6:57 am
It has taken me nearly two years, but I finally found a workaround to the problem in the form of this extension:
http://safehistory.com/
(It looks like SafeHistory has been around at least since Feb 2006 [1] but I was inspired to look today by the coverage that Spyjax [2] has been getting this week.)
[1] http://web.archive.org/web/*/http://safehistory.com/ (<- doesn't linkify properly!)
[2] http://www.merchantos.com/makebeta/tools/spyjax/
http://safehistory.com/
(It looks like SafeHistory has been around at least since Feb 2006 [1] but I was inspired to look today by the coverage that Spyjax [2] has been getting this week.)
[1] http://web.archive.org/web/*/http://safehistory.com/ (<- doesn't linkify properly!)
[2] http://www.merchantos.com/makebeta/tools/spyjax/
-
- Posts: 8793
- Joined: May 7th, 2007, 12:07 pm
SafeHistory seems to go a bit too far. It hid the visited link colour from me too! I can see not allowing web servers to determine whether you have visited certain domains, but to hide the visited appearance from the browser's user is overdoing it.
Is there any other way to disable a server from getting that information? Is it possible to find something that can change the code on the page that is fetching that data? I can block that with Proxomitron (web filtering), but that runs only on Windows, and I would like to be able to do that with an Intel Macintosh as well.
Is there any other way to disable a server from getting that information? Is it possible to find something that can change the code on the page that is fetching that data? I can block that with Proxomitron (web filtering), but that runs only on Windows, and I would like to be able to do that with an Intel Macintosh as well.
-
- Posts: 44
- Joined: December 31st, 2007, 4:03 pm
- Location: West Virginia, United States
- Contact:
Re: Privacy: sites can see browser history (css, visited)
I don't see the big problem. So, they see which sites I've visited? Nothing significant, let me tell you. Yes, I've searched for my own name (albeit, it's been a while) and the top hits aren't me. I can only imagine what it would be like for somebody like Joseph Smith.
- Dartman
- Moderator
- Posts: 11995
- Joined: February 9th, 2006, 9:43 pm
Re: Privacy: sites can see browser history (css, visited)
Please look at the dates of posts/threads before posting to them. It's is pointless to post to threads this old (from 2005).
Closing this thread.
Closing this thread.
Alcohol and Calculus don't mix. Never drink and derive.