Thursday, January 28, 2010

Cross-Site History Manipulation (XSHM) attack


In this article we present a newly discovered breach of the Same Origin Policy (SOP) [8], identified as Cross-Site History Manipulation (XSHM). SOP is the most important security concept of modern browsers: by design, web pages from different origins cannot communicate with each other. The XSHM breach is based on our research finding that the client-side browser history object is not properly partitioned on a per-site basis. Manipulating the browser history may lead to compromise of SOP and allow bi-directional CSRF and other exploitation, such as user privacy violation, login status detection, resource mapping, inference of sensitive information, tracking of users' activity, and URL parameter stealing.
