mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-14 17:07:34 +00:00
GitBook: [#3292] No subject
This commit is contained in:
parent
ccb2f72f8b
commit
a659f82334
1 changed files with 5 additions and 4 deletions
|
@ -495,12 +495,13 @@ If the **max** number of **redirects** to follow of a browser is **20**, an atta
|
|||
|
||||
### History Length
|
||||
|
||||
* **Inclusion Methods**: Pop-ups
|
||||
* **Detectable Difference**: Status Code
|
||||
* **More info**: 
|
||||
* **Inclusion Methods**: Frames, Pop-ups
|
||||
* **Detectable Difference**: Redirects
|
||||
* **More info**: [https://xsleaks.dev/docs/attacks/navigations/](https://xsleaks.dev/docs/attacks/navigations/)
|
||||
* **Summary:** JavaScript code manipulates the browser history and can be accessed by the length property.
|
||||
|
||||
The **History API** allows JavaScript code to manipulate the browser history, which **saves the pages visited by a user**. An attacker can use the length property as an inclusion method: to detect JavaScript and HTML navigation. Multiple works have studied the browser history and show how to abuse it to determine **whether a user has accessed a certain website** \[44, 47, 54, 75].
|
||||
The **History API** allows JavaScript code to manipulate the browser history, which **saves the pages visited by a user**. An attacker can use the length property as an inclusion method: to detect JavaScript and HTML navigation.\
|
||||
**Checking `history.length`**, making a user **navigate** to a page, **change** it **back** to the same-origin and **checking** the new value of **`history.length`**.
|
||||
|
||||
### Frame Counting
|
||||
|
||||
|
|
Loading…
Reference in a new issue