Privacy-Related Side Channels
Another unfortunate and noteworthy consequence of the gaps in the same-origin policy is the ability to collect information about a user’s interaction with unrelated sites. Some of the most rudimentary examples, most of them known for well over a decade,[210] include the following:
Using onload handlers to measure the time it takes to load certain documents, an indication of whether they have been previously visited and cached by the browser or not.[211]
Using onload and onerror on <img> tags to see if an authentication-requiring image on a third-party site can be loaded, thus disclosing whether the user is logged into that site or not. (Bonus: Sometimes, the error message disclosed to the onerror handler will include ...
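The login-state signal in the second item can be closed on the server side. The sketch below is an added example, not code from the book: it models a constructed endpoint (`serveAvatar`, a hypothetical name) whose response to a cross-site `<img>` load differs with login state, then wraps it in a check on the browser-sent Fetch Metadata request headers (`Sec-Fetch-Site`, `Sec-Fetch-Mode`, `Sec-Fetch-Dest`), a mitigation this excerpt does not itself describe.

```javascript
// Constructed model of an endpoint that serves an image only to logged-in users.
function serveAvatar(req) {
  return req.cookies.session
    ? { status: 200, type: "image/png" }   // decodes as an image
    : { status: 401, type: "text/html" };  // login page, not an image
}

// Which handler an embedding page's <img> tag would see fire for a response.
function imgEvent(resp) {
  const ok = resp.status >= 200 && resp.status < 300;
  return ok && resp.type.startsWith("image/") ? "onload" : "onerror";
}

// Resource isolation: refuse cross-site subresource loads before the handler
// (and therefore before any login-dependent branch) runs.
function isolate(handler) {
  return (req) => {
    const site = req.headers["sec-fetch-site"];
    // Header absent: browser without Fetch Metadata or a non-browser client.
    // Allowed here for compatibility, so this check is not a complete defense.
    if (site === undefined) return handler(req);
    if (site === "same-origin" || site === "same-site" || site === "none") {
      return handler(req);
    }
    // Keep ordinary cross-site links (top-level GET navigations) working.
    if (req.method === "GET" &&
        req.headers["sec-fetch-mode"] === "navigate" &&
        req.headers["sec-fetch-dest"] === "document") {
      return handler(req);
    }
    return { status: 403, type: "text/plain" };
  };
}

// Constructed request: what a browser sends for <img src=...> on another site.
function crossSiteImg(loggedIn) {
  return {
    method: "GET",
    cookies: loggedIn ? { session: "constructed-session-id" } : {},
    headers: { "sec-fetch-site": "cross-site", "sec-fetch-mode": "no-cors",
               "sec-fetch-dest": "image" },
  };
}

// True when the embedding page can tell logged-in from logged-out users.
function leaksLoginState(handler) {
  return imgEvent(handler(crossSiteImg(true))) !==
         imgEvent(handler(crossSiteImg(false)));
}
```

With the wrapper in place, a cross-site `<img>` load ends in `onerror` regardless of session state. The cache-timing measurement in the first item is a separate channel and is not affected by this check.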