Google is fixing a long-standing privacy issue that, for years, enabled websites to determine users’ browsing history through the previously visited links.
The problem arises from allowing sites to style links as ‘:visited,’ meaning showing them as another color instead of the default blue if a user had previously clicked on them.
The system displays this color change regardless of which site they were on when they clicked the link, allowing other sites to potentially use creative scripts that leak the user’s browsing history.
Source: Google
The issue isn’t just a theoretical privacy concern for users but also introduces a series of real security liabilities that enable tracking, profiling, and phishing.
Researchers demonstrated…