Issue metadata
Sign in to add a comment
|
Security: Getting information about which websites have been loaded before by measuring the loading time of images of these websites that were cached or not cached.
Reported by
philipp....@gmail.com,
Jan 8 2018
|
||||||||||||||||||||
Issue descriptionVULNERABILITY DETAILS Getting information about which websites have been loaded before by measuring the loading time of images of these websites that were cached or not cached. VERSION Chrome Version: 63.0.3239.132 (Offizieller Build) (64-Bit) (stable) Operating System: Windows Version 10.0.15063 REPRODUCTION CASE Steps to reproduce: 1.Open your browser and delete your browser cache. 2.Open http://pipe.atspace.eu/cachetest.html and it will tell you that a specific website had not been loaded. 3.Delete your cache. 4. Open https://imgur.com/gallery/kOsdR 5. Open http://pipe.atspace.eu/cachetest.html and it will tell you that the website that you have opened before had been loaded. Attack scenario: Site operators can query your browsing history.
,
Apr 17 2018
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||
Comment 1 by elawrence@chromium.org
, Jan 8 2018Status: Duplicate (was: Unconfirmed)