Category Archives: JavaScript

Visited links and JavaScript: A privacy issue – Website owners can know websites you’ve visited before

JavaScript IconLock Icon

I recall reading an article several years ago about a privacy issue with regards to the difference in colours between visited links and unvisited links and that website owners can write some JavaScript to determine, based on certain differences between visited and unvisited hyperlinks, whether you have visited a website before. Of course this was (and still is) a privacy issue but some browsers have rectified what was previously a privacy issue by changing the way in which hyperlinks can be changed to prevent website owners from being able to determine whether a visitor has visited a certain website before. For example, Mozilla in 2010 had changed the way in which hyperlink colours can be fetched using JavaScript. In March 2010, a privacy engineer for Mozilla had announced that Firefox would in the near future be making some changes to “plug” the privacy issue by preventing layout-based, timing-based and computed style attacks. The most interesting looks to be timing-based attacks, as it isn’t the simplest form of determining hyperlinks that have already been visited by a visitor on a website that makes use of these flaws in order to understand what websites a visitor has visited before. read more