Cross-origin CSS attacks use style sheet import to steal confidential information from a victim website, hijacking a user's existing authenticated session; existing XSS defen...
Lin-Shung Huang, Zack Weinberg, Chris Evans, Colli...
Through a variety of means, including a range of browser cache methods and inspecting the color of a visited hyperlink, client-side browser state can be exploited to track users a...
Collin Jackson, Andrew Bortz, Dan Boneh, John C. M...
As wireless networks proliferate, web browsers operate in an increasingly hostile network environment. The HTTPS protocol has the potential to protect web users from network attac...
Web browser history detection using CSS visited styles has long been dismissed as an issue of marginal impact. However, due to recent changes in Web usage patterns, coupled with br...