Alan Dix Snip!t: CSS exploit allows detection of social site use

see all channels for Alan Dix

Snip summary	Web developer Aza Raskin knows we visit Digg, Del.icio.u... Facebook without even having to ask. No, he isn't employing privacy violating hackery, but he ... Raskin has wrapped this functionality in a script called ... CSS exploit allows detection of social site use http://www.downloadsquad.com/...css-exploit-allows-detection-of-social-site-use/

Categories

/Channels/techie/css	[ go to category ]
/Channels/techie/JavaScript	[ go to category ]

For Snip	loading snip actions ...
For Page	loading url actions ...

Web developer Aza Raskin knows we visit Digg, Del.icio.us, Reddit and Facebook without even having to ask.

No, he isn't employing privacy violating hackery, but he is exploiting a "cute" information leak in CSS that traditionally displays visited links differently than those that have yet to be visited. By loading in an iframe a list of social site URLs to see which are purple (visited) and blue (not visited), an assumption can be made on what sites to prompt users for submitting a story or blog entry.

Raskin has wrapped this functionality in a script called SocialHistory.js.

HTML	<p>Web developer <a href="http://azarask.in/blog/">Aza Raskin</a> knows we visit Digg, Del.icio.us, Reddit and Facebook without even having to ask.</p> <p>No, he isn't employing privacy violating hackery, but <a href="http://azarask.in/blog/post/socialhistoryjs/">he is exploiting a "cute" information leak in CSS</a> that traditionally displays visited links differently than those that have yet to be visited. By loading in an iframe a list of social site URLs to see which are purple (visited) and blue (not visited), an assumption can be made on what sites to prompt users for submitting a story or blog entry.</p> <p>Raskin has wrapped this functionality in a script called <a href="http://code.google.com/p/aza/source/browse/trunk/SocialHistory/SocialHistory.js">SocialHistory.js</a>.</p>

HTML

Web developer <a href="http://azarask.in/blog/">Aza Raskin</a> knows we visit Digg, Del.icio.us, Reddit and Facebook without even having to ask. No, he isn't employing privacy violating hackery, but <a href="http://azarask.in/blog/post/socialhistoryjs/">he is exploiting a "cute" information leak in CSS</a> that traditionally displays visited links differently than those that have yet to be visited. By loading in an iframe a list of social site URLs to see which are purple (visited) and blue (not visited), an assumption can be made on what sites to prompt users for submitting a story or blog entry. Raskin has wrapped this functionality in a script called <a href="http://code.google.com/p/aza/source/browse/trunk/SocialHistory/SocialHistory.js">SocialHistory.js</a>.

Snip!t from collection of Alan Dix

Search Alan Dix Snips

Channels - Alan Dix