Le lundi 26 avril 2010 à 07:13 +0100, markhob...@yahoo.co.uk a écrit : > There is a "Disclosure of user information" security flaw in the epiphany > browser due to the implementation of support for CSS :visited pseudoclass > elements. It is possible to specify a background-url attribute which will make > a request to the server if a particular link has been visited. Using this CSS > mechanism, it is possible for a hosting server to determine visited links > without using Javascript.
Could you talk about this with upstream? This is not something we should fix only at the Debian level. Cheers, -- .''`. Josselin Mouette : :' : `. `' “A handshake with whitnesses is the same `- as a signed contact.” -- Jörg Schilling -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
