9 May, 2010

Using JavaScript to read a user's browser history


While doing some research I came across this article by Mike Nolet on figuring out the gender of a user based on the websites the user has visited. The article includes a script that does this – so yea, I am adding “Allows you to check your testosterone levels” as a feature of JavaScript.

But on a more serious note – I was impressed (and puzzled) mostly by the fact that his script managed to figure out which websites exist in my browser history. Now that makes me curious. So a few clicks and a Google search later I figure that your browser history is NOT private. There is a nifty JavaScript hack that allows any website to figure out which other websites you have visited in the past, from a list of candidate websites.

I just had to blog about this. The hack relies on the browser rendering an already visited link in a different color. Through JavaScript one can read the color of any item in the DOM. So in order to find out whether you have visited a particular website, all I need to do is insert that website in the DOM as a link (albeit in an invisible manner) and check its color property. If its color matches that of a “visited link” then you have visited that website. Seemingly Dell already uses this on their website to determine if a user has visited any of its competitors. Think of the potential uses:

  • You can check if a user coming to your website has already visited any of your competitors, and if so target specific offers to them
  • If you rank at the 5th position in Google for a keyword you can check if the user has visited any of the previous 4 links
  • Let's say you have an offer coupon that you only want an anonymous user to see once. You may use cookies, but a user could delete their cookies if they are on to you. You can now check whether the user has been to that URL before through this hack, if the user has not deleted their history

Espionage courtesy JavaScript!!

More details available here
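How this leak behaves, and how browsers later closed it, as an added example that is not code from the original post or from any browser: a toy model in which `legacy` mode exposes the painted link style to script, while `hardened` mode reports unvisited values and ignores non-colour `:visited` declarations. All names, colours and URLs here are constructed.

```javascript
// Toy model, constructed for illustration; not a real browser API.
const UNVISITED = { color: "rgb(0, 0, 238)", width: "auto" };
// A page-supplied :visited rule: one colour change, one layout change.
const VISITED_RULE = { color: "rgb(85, 26, 139)", width: "500px" };
// Subset of the colour-only properties a hardened browser honours in :visited.
const COLOR_ONLY = new Set(["color", "background-color", "border-color", "outline-color"]);

// Style used to paint the link; this always depends on the real history.
function renderedStyle(url, visitedSet, mode) {
  const style = { ...UNVISITED };
  if (!visitedSet.has(url)) return style;
  for (const [prop, value] of Object.entries(VISITED_RULE)) {
    // Hardened: non-colour :visited declarations are ignored, so a visit
    // cannot shift layout that a script could measure.
    if (mode === "legacy" || COLOR_ONLY.has(prop)) style[prop] = value;
  }
  return style;
}

// Style a script reads back through a computed-style query.
function scriptVisibleStyle(url, visitedSet, mode) {
  // Legacy exposes the painted values; hardened always answers "unvisited".
  return mode === "legacy" ? renderedStyle(url, visitedSet, mode) : { ...UNVISITED };
}

// The comparison the post describes, applied to a candidate list.
function inferVisited(candidateUrls, visitedSet, mode) {
  return candidateUrls.filter((url) => {
    const seen = scriptVisibleStyle(url, visitedSet, mode);
    return Object.keys(UNVISITED).some((p) => seen[p] !== UNVISITED[p]);
  });
}

// Constructed sample data.
const sampleHistory = new Set(["https://a.example/", "https://c.example/"]);
const sampleCandidates = ["https://a.example/", "https://b.example/", "https://c.example/"];

console.log("legacy  :", inferVisited(sampleCandidates, sampleHistory, "legacy"));
console.log("hardened:", inferVisited(sampleCandidates, sampleHistory, "hardened"));
console.log("painted :", renderedStyle("https://a.example/", sampleHistory, "hardened"));
```

In `hardened` mode the user still sees the visited colour on screen, but neither the style query nor the layout reveals it to the page.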

Comments
Sebastiaan Deckers
May 9, 2010

This is considered a browser security hole and is being fixed accordingly:

“Plugging the CSS History Leak”
http://blog.mozilla.com/security/2010/03/31/plugging-the-css-history-leak/

abhishek
May 9, 2010

JavaScript is a double-edged sword. I have seen many scripts on Orkut and Facebook which claim to open locked albums, scrapbooks, etc. but also steal your cookies, which store your login credentials.
History and cookies are there to help the browser remember you, but if they are in the wrong hands they can be used in any way.
I have collected 13 JavaScript hacks which can be used to have fun, but beware before running them; you may get caught in trouble.
http://xpressabhi.com/javascript-hacks-collection/comment-page-1/

Bhavin Turakhia
May 9, 2010

@cbas: yea I saw that after :) … Arif from my team brought my attention to it

Sudhakar
May 17, 2010

Good Share.

Does that work if I try this: http://www.merchantos.com/makebeta/tools/the-spy-is-dead/

Or will it work on other browsers like IE, Chrome, Safari, etc.?
