Updated Appendix C: Test Sites (markdown)

Thorin-Oakenpants 2017-04-06 03:36:31 +12:00
parent 79070382d4
commit 2fdc252fc0

@ -46,8 +46,8 @@ If you would like to submit a test page to be added to this list, please post th
### :small_orange_diamond: Other ### :small_orange_diamond: Other
- [AudioContext](https://audiofingerprint.openwpm.com/) - **h**ttps://audiofingerprint.openwpm.com/ - [AudioContext](https://audiofingerprint.openwpm.com/) - **h**ttps://audiofingerprint.openwpm.com/
- [1] [Battery](https://pstadler.sh/battery.js/) - **h**ttps://pstadler.sh/battery.js/ - [Battery](https://pstadler.sh/battery.js/) <sup>1</sup> - **h**ttps://pstadler.sh/battery.js/
- [2] [CSS History Leak](http://lcamtuf.coredump.cx/yahh/) - **h**ttp://lcamtuf.coredump.cx/yahh/ - [CSS History Leak](http://lcamtuf.coredump.cx/yahh/) <sup>2</sup> - **h**ttp://lcamtuf.coredump.cx/yahh/
- [DNS Leak](https://www.dnsleaktest.com/) - **h**ttps://www.dnsleaktest.com/ - [DNS Leak](https://www.dnsleaktest.com/) - **h**ttps://www.dnsleaktest.com/
- [DNS Spoofability](https://www.grc.com/dns/dns.htm) - **h**ttps://www.grc.com/dns/dns.htm - [DNS Spoofability](https://www.grc.com/dns/dns.htm) - **h**ttps://www.grc.com/dns/dns.htm
- [Evercookie](https://samy.pl/evercookie/) - **h**ttps://samy.pl/evercookie/ - [Evercookie](https://samy.pl/evercookie/) - **h**ttps://samy.pl/evercookie/
@ -66,9 +66,9 @@ If you would like to submit a test page to be added to this list, please post th
- [Resource://URI](https://www.browserleaks.com/firefox) - **h**ttps://www.browserleaks.com/firefox - [Resource://URI](https://www.browserleaks.com/firefox) - **h**ttps://www.browserleaks.com/firefox
- [WebRTC IP Leak](https://www.privacytools.io/webrtc.html) - **h**ttps://www.privacytools.io/webrtc.html - [WebRTC IP Leak](https://www.privacytools.io/webrtc.html) - **h**ttps://www.privacytools.io/webrtc.html
[1] Since Firefox 52, the Battery Status API is now chrome/privileged access and is not accessible by web pages. <sup>1</sup> Since Firefox 52, the Battery Status API is now chrome/privileged access and is not accessible by web pages.
[2] This test is a PoC (proof of concept). You will need `layout.css.visited_links_enabled` set as `true`. You will also need a normal window (not a Private Browsing one). The PoC only covers a handful of sites, and many of those will not "leak" as the code is checking HTTP and the site has moved to HTTPS - i.e the full URL has changed. For best results: <sup>2</sup> This test is a PoC (proof of concept). You will need `layout.css.visited_links_enabled` set as `true`. You will also need a normal window (not a Private Browsing one). The PoC only covers a handful of sites, and many of those will not "leak" as the code is checking HTTP and the site has moved to HTTPS - i.e the full URL has changed. For best results:
* Open a normal window in a vanilla Firefox. Clear everything (Ctrl-Shift-Del). * Open a normal window in a vanilla Firefox. Clear everything (Ctrl-Shift-Del).
* Go to http://www.cnn.com/ and http://www.foxnews.com/ * Go to http://www.cnn.com/ and http://www.foxnews.com/
* Go to the [test page](http://lcamtuf.coredump.cx/yahh/) and play a game (takes 30 seconds or so) * Go to the [test page](http://lcamtuf.coredump.cx/yahh/) and play a game (takes 30 seconds or so)