State partitioning tests for Network Error Logging

privacytests / privacytests.org

Source code for privacytests.org. Includes browser testing code and site rendering.

https://privacytests.org

MIT License

797 stars 23 forks source link

State partitioning tests for Network Error Logging #203

Open ShivanKaul opened 4 months ago

ShivanKaul commented 4 months ago

NEL is supported by most Chromium browsers. I suspect that a malicious backend C embedding a subresource in site A and B could join a user as having been on A and B without A and B ever knowing (since NEL is not reported to top-level for subresource load failures).