5/24/2023 0 Comments Most visited websites![]() This makes it so any website that uses IndexedDB can gain access to what websites the user visits in different tabs or windows in the same browsing session, essentially leaking the entirety of a user’s browser activity to the websites they visit. “In Safari 15 on macOS and all browsers on iOS and iPadOS 15, this policy is being violated as a result of a bug in WebKit’s IndexedDB implementation,” said Bajanik in his explanation video. The IndexedDB API, like most modern web browser technologies, uses the same-origin policy to make sure that a visited website only has access to its own data from the user’s browsing activity and not data from any other websites. The low-level API is supported in all major browsers and used by a significant percentage of websites. IndexedDB is a browser API for client-side storage designed to hold significant amounts of data. ![]() ![]() Martin Bajanik, a software engineer at the browser fingerprinting-as-a-service platform FingerprintJS, recently shared details on a bug in Safari 15 that can potentially leak users’ browsing activity to all of the websites open in the various browser frames, windows, and tabs in a single browsing session.
0 Comments
Leave a Reply. |