W3C home > Mailing lists > Public > www-style@w3.org > August 2010

Re: NodeSelector, :visited, and :link

From: Simon Fraser <smfr@me.com>
Date: Wed, 25 Aug 2010 22:44:56 -0700
Cc: Brad Kemper <brad.kemper@gmail.com>, Alan Gresley <alan@css-class.com>, Boris Zbarsky <bzbarsky@mit.edu>, Patrick Garies <pgaries@fastmail.us>, www-style <www-style@w3.org>
Message-id: <31F973F7-4D55-4146-8434-7FA72A626161@me.com>
To: Garrett Smith <dhtmlkitchen@gmail.com>
On Aug 25, 2010, at 10:42 PM, Garrett Smith wrote:

> On 8/25/10, Brad Kemper <brad.kemper@gmail.com> wrote:
>> On Aug 25, 2010, at 9:25 PM, Garrett Smith <dhtmlkitchen@gmail.com> wrote:
>>>> This is a security issue. Servers can track a computer's personal
>>>> browsing history by using attribute selectors together with :visited
>>>> or server side scripts (for which I have little knowledge) and :visited.
>>> And?
>> And then construct a very convincing phishing attack because they know what
>> bank you use and what products you showed interest in there.
> It seems that you're imparting commentary on the parts of the spec
> that I cited earlier. Did you read that message? You also seem to be
> missing the point of my post, though it's not so easy to determine if
> that is the case because you've not really stated a position. A la
> Alan's post.

I was confused by the point of your post too. You said it was a security issue,
but not why this is relevant to the current discussion.

Received on Thursday, 26 August 2010 05:45:32 UTC

This archive was generated by hypermail 2.4.0 : Friday, 25 March 2022 10:07:49 UTC