added CSS History Leak PoC

Appendix-C:-Test-Sites.md

@@ -43,7 +43,8 @@ If you would like to submit a test page to be added to this list, please post th
 
 ### 6. Other
 - [AudioContext](https://audiofingerprint.openwpm.com/)
-- [Battery](https://pstadler.sh/battery.js/)
+- [1] [Battery](https://pstadler.sh/battery.js/)
+- [2] [CSS History Leak](http://lcamtuf.coredump.cx/yahh/)
 - [DNS Leak](https://www.dnsleaktest.com/)
 - [DNS Spoofability](https://www.grc.com/dns/dns.htm)
 - [Evercookie](https://samy.pl/evercookie/)
@@ -60,4 +61,10 @@ If you would like to submit a test page to be added to this list, please post th
 - [rel=noopener](https://mathiasbynens.github.io/rel-noopener/)
 - [Resource://URI](https://www.browserleaks.com/firefox)
 - [WebRTC IP Leak](https://www.privacytools.io/webrtc.html)
-     
+
+[1] Since Firefox 52, the Battery Status API is now chrome/privileged access and is not accessible by web pages.
+
+[2] This test is a PoC (proof of concept). You will need `layout.css.visited_links_enabled` set as `true`. You will also need a normal window (not a Private Browsing one). The PoC only covers a handful of sites, and many of those will not show as they have moved to HTTPS. For best results:
+ * Open a normal window in a vanilla Firefox. Clear everything (Ctrl-Shift-Del).
+ * Go to http://www.cnn.com/ and http://www.foxnews.com/
+ * Go to the [test page](http://lcamtuf.coredump.cx/yahh/) and play a game (takes 30 seconds or so)