W3C home > Mailing lists > Public > www-style@w3.org > January 2002

Re: Paper on use of selectors for adaptive hypermedia

From: Michael Kraus <michael.kraus@informatik.uni-muenchen.de>
Date: Wed, 30 Jan 2002 16:32:59 +0100
Message-ID: <3C58122B.92CBF04F@informatik.uni-muenchen.de>
To: www-style@w3.org
> I am under the strong impression that implementation of this proposal
> could generate a major security flaw.
> 
> With selection based on browsing contexts, I could give a style (color
> for instance) to an element in a web document based on the user's
> browsing history, retrieve the computed value of the color for that
> element, deduce that this web page has been previously visited and send
> the data back to a server on the web. I could also send back to a server
> any information about the browsing device and all the data contained in
> the browsing context.

We thought about our proposal to cope better with security concerns as
other approaches. Our approach is completely client-based, so no
information has to be sent to the server, as compared to cookies or even
CC/PP, for example. I don't understand well if it is possible with CSS
what you describe above, namely to send information about computed
values to the server.

Michael
Received on Wednesday, 30 January 2002 10:33:01 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 27 April 2009 13:54:12 GMT