Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Natao arisiva ity resaka mitohy ity. Mametraha fanontaniana azafady raha mila fanampiana.

How to return for special querys a predefined value

more options

Hi guys,

years ago you have been able to read out the browserhistory of a user through bruteforcing the visited links with a link list, css and js.

Meanwhile is this hack stopped the .getComputedStyle will be always as if the user never visited the a special link.

Nowadays we can still read out the browserhistory of users.

Example 1 (on which Im currently working on and where I need support): Through collecting cookies and reading out the domains they belong to we are still able to collect browserhistorys of users.

To stop it Im looking for a similar method like the predefined Value for .getComputedStyle with the CSS hack.

In generell Im trying to do if a javascript calls a cookie from a different Domain to return a predefined value.

Kind regards

Suad

Hi guys, years ago you have been able to read out the browserhistory of a user through bruteforcing the visited links with a link list, css and js. Meanwhile is this hack stopped the .getComputedStyle will be always as if the user never visited the a special link. Nowadays we can still read out the browserhistory of users. Example 1 (on which Im currently working on and where I need support): Through collecting cookies and reading out the domains they belong to we are still able to collect browserhistorys of users. To stop it Im looking for a similar method like the predefined Value for .getComputedStyle with the CSS hack. In generell Im trying to do if a javascript calls a cookie from a different Domain to return a predefined value. Kind regards Suad

All Replies (1)

more options

How does a script read cookies from a different domain?

If you have discovered a bug in same-origin enforcement, you should file it here and mark it security-sensitive:

https://bugzilla.mozilla.org/