[Previous] [Next] [Index]
[Thread]
Re: JavaScript to grab e-mail
Wow! These are extremely frightening demonstrations. Apparently it
is possible to:
1. Capture the user's cache and history
2. Monitor every page the user views and transmit its URL
across the Internet to a remote log file.
Would someone who's JavaScript-savvy (I'm just a neophyte) please
have a look at these scripts and comment? I'll incorporate his or her
comments into the WWW Security FAQ, with much accolades and kudos.
Lincoln
Eric Hammond writes:
> Lincoln:
>
> > I was concerned that someone had discovered a way to make JavaScript
> > divulge such browser secrets as the contents of the disk cache,
> > history list, or newsgroup subscriptions.
>
> Then you definitely don't want to read:
>
> http://www.c2.org/~aelana/javascript.htm
> http://www.osf.org/~loverso/javascript/track-me.htm
>
> --
> Eric.Hammond@sdrc.com 513-576-5907
> SDRC, 2000 Eastman Drive, Milford OH 45150
> webmaster@sdrc.com http://www.sdrc.com/
>
References: