Hugh Winkler holding forth on computing and the Web

Tuesday, February 05, 2008

Yet another reason to use NoScript

Niall Kennedy tells us all how he grabs your browser history "for improved user experience".

1. put links on the page to all the interesting sites you want to identify in the user's history. Have they visited Google? Have the visited certain porn sites?
2. put some css for those links that colors them some weird color when they have been a:visited.
3. add some script that crawls the dom looking for links styled that color.

VoilĂ .

Yet another reason I'm glad I've turned off most scripting using NoScript.

[Updated to remove a made up porn site domain name that actually is a porn site domain name.]

2 comments:

Mark Pilgrim said...

The real solution is SafeHistory: http://www.safehistory.com/

hughw said...

Thanks Mark, I'm giving it a try. Ironically, to install the extension, I had to temporarily whitelist the stanford.edu domain for NoScript. Oh yeah, any script coming from stanford.edu has to be ok, right.