Is it possible for someone to steal my bookmarks through a cross-site scripting attack? Is it a similar procedure to cookie stealing?
Asked
Active
Viewed 261 times
0
-
So, when you are asking if something is possible with XSS, you can pretty much ask if it is possible with JavaScript. And if you did, you may have discovered this link: http://stackoverflow.com/questions/5122646/get-browser-bookmarks-via-javascript . In short, no, it is not possible without a major vulnerability in the browser itself. – Gray Nov 02 '15 at 14:53
-
Thanks,it's pretty clear! – blindeyes Nov 02 '15 at 15:35
1 Answers
1
No, you can't steal bookmarks unless you discover a new browser bug.
But for a long time you could steal some of the browser's history using JavaScript. Actually, this might still be a possibility: https://security.stackexchange.com/questions/62351/xss-history-stealing
Erwan Legrand
- 4,148
- 26
- 26