Updated Appendix A Test Sites (markdown)

Thorin-Oakenpants
2019-09-18 16:27:27 +00:00
parent 4a229a5bea
commit 9668fbb2c8

@@ -54,7 +54,7 @@ These are good sources to grab information on your results in one hit, but **do
* Article: https://robertheaton.com/2014/01/20/cookieless-user-tracking-for-douchebags/ * Article: https://robertheaton.com/2014/01/20/cookieless-user-tracking-for-douchebags/
- [CSS Exfil Vulnerability](https://www.mike-gualtieri.com/css-exfil-vulnerability-tester) - **h**ttps://www.mike-gualtieri.com/css-exfil-vulnerability-tester - [CSS Exfil Vulnerability](https://www.mike-gualtieri.com/css-exfil-vulnerability-tester) - **h**ttps://www.mike-gualtieri.com/css-exfil-vulnerability-tester
* [CSS Keylogger with no CSP](https://no-csp-css-keylogger.badsite.io/) - **h**ttps://no-csp-css-keylogger.badsite.io/ * [CSS Keylogger with no CSP](https://no-csp-css-keylogger.badsite.io/) - **h**ttps://no-csp-css-keylogger.badsite.io/
- [CSS History Leak](http://lcamtuf.coredump.cx/yahh/) <sup>1</sup> - **h**ttp://lcamtuf.coredump.cx/yahh/ - [CSS History Leak](https://earthlng.github.io/testpages/visited_links.html) <sup>1</sup> - **h**ttps://earthlng.github.io/testpages/visited_links.html
- CSS Media: disable JS, resize the browser with the tests open - CSS Media: disable JS, resize the browser with the tests open
* [@media window size leak](https://demos.traudt.xyz/css/media/index.html) - **h**ttps://demos.traudt.xyz/css/media/index.html * [@media window size leak](https://demos.traudt.xyz/css/media/index.html) - **h**ttps://demos.traudt.xyz/css/media/index.html
* [screen & inner window measurements](https://arthuredelstein.github.io/tordemos/media-query-fingerprint.html) - **h**ttps://arthuredelstein.github.io/tordemos/media-query-fingerprint.html * [screen & inner window measurements](https://arthuredelstein.github.io/tordemos/media-query-fingerprint.html) - **h**ttps://arthuredelstein.github.io/tordemos/media-query-fingerprint.html
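Review bot: the CSS History Leak line changes its target from lcamtuf.coredump.cx/yahh/ to earthlng.github.io/testpages/visited_links.html but keeps the label unchanged, so nothing in the entry tells a reader that the test behind the link is now a different page on a different host. If the new page is a reworked version of the original PoC, say so in the entry and consider keeping the original URL as a secondary reference, so anyone comparing results against older reports knows which test was run.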
@@ -74,7 +74,7 @@ These are good sources to grab information on your results in one hit, but **do
- [rel=noopener](https://mathiasbynens.github.io/rel-noopener/) - **h**ttps://mathiasbynens.github.io/rel-noopener/ - [rel=noopener](https://mathiasbynens.github.io/rel-noopener/) - **h**ttps://mathiasbynens.github.io/rel-noopener/
- [WebRTC](https://browserleaks.com/webrtc) - **h**ttps://browserleaks.com/webrtc - [WebRTC](https://browserleaks.com/webrtc) - **h**ttps://browserleaks.com/webrtc
<sup>1</sup> This test is a PoC (proof of concept). You will need `layout.css.visited_links_enabled` set as `true`. You will also need a normal window (not a Private Browsing one). The PoC only covers a handful of sites, and many of those will not "leak" as the code is checking HTTP and the site has moved to HTTPS - i.e the full URL has changed. For best results: <sup>1</sup> This test is a PoC (proof of concept). You will need `layout.css.visited_links_enabled` set as `true`. You will also need a normal window (not a Private Browsing one). The PoC only covers a handful of sites. For best results:
* Open a normal window in a vanilla Firefox. Clear everything (Ctrl-Shift-Del). * Open a normal window in a vanilla Firefox. Clear everything (Ctrl-Shift-Del).
* Go to http://www.cnn.com/ and http://www.foxnews.com/ * Go to some of the sites in the source: e.g. https://www.cnn.com/ and https://www.foxnews.com/
* Go to the [test page](http://lcamtuf.coredump.cx/yahh/) and play a game (takes 30 seconds or so) * Go to the [test page](https://earthlng.github.io/testpages/visited_links.html) and play a game (takes 30 seconds or so)
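Review bot: footnote 1 loses the sentence explaining that sites fail to "leak" when the URL the code checks differs from the URL actually visited ("the full URL has changed"), while the rewritten step only says "Go to some of the sites in the source" with two https examples. Keep a short form of that caveat, stating that the visited URL has to match the one listed in the test page's source, and say where that list is found. Without it, a reader who lands on a different or redirected URL gets no hit and may read that as the leak being blocked.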