Security/CSP/HistoryModule: Difference between revisions

Line 12: Line 12:
We further assume the web developer wishes to prevent the attacker from achieving the following goals:  
We further assume the web developer wishes to prevent the attacker from achieving the following goals:  


*The attacker must not be able to determine whether a particular URL on the CSP web site has been previously visited.
*The attacker must not be able to determine whether a particular URL on the developer's web site has been visited previously.


We assume that the browser properly implements the same-origin policy and does not contain any privilege escalation vulnerabilities.
We assume that the browser properly implements the same-origin policy and does not contain any privilege escalation vulnerabilities.
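Review bot: the changed bullet names the protected site two ways, "the CSP web site" in one version and "the developer's web site" in the other. The lead-in sentence frames these goals as what "the web developer" wishes to prevent, so "the developer's web site" is the consistent wording. Whichever wording is kept, the bullet should also state the scope of the goal: as written it covers "a particular URL" on that one site only, and a reader cannot tell whether visits to URLs on other sites are meant to be out of scope for this module.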