Link to Lukasz' specific analysis on visited links.

w3ctag / security-questionnaire

A security/privacy review questionnaire for W3C specs

https://w3ctag.github.io/security-questionnaire/

Creative Commons Zero v1.0 Universal

25 stars 34 forks source link

Link to Lukasz' specific analysis on visited links. #178

Open jyasskin opened 5 days ago

jyasskin commented 5 days ago

This is meant to fix #174 by @lflores-ms, by linking to the article that shows the :visited attack. Another way to fix it might be to generalize the claim about Ambient Light to include the potential attacks described on the main page. Thoughts?

Preview | Diff

lflores-ms commented 5 days ago

Thanks @jyasskin for linking to the relevant post. I do think that the specific example of visited links through Ambient Light Sensor API helps drive the point about risk in these APIs in a more concrete manner.