r2d2 Posted January 17, 2022 Report Share Posted January 17, 2022 can leak your recent browsing activity and personal identifiers The bug could expose your Google User ID to other sites. FingerprintJS found that Apple’s application of the IndexedDB API in Safari 15 actually violates the same-origin policy. When a website interacts with a database in Safari, FingerprintJS says that “a new (empty) database with the same name is created in all other active frames, tabs, and windows within the same browser session.” This means other websites can see the name of other databases created on other sites, which could contain details specific to your identity. FingerprintJS notes sites that use your Google account, like YouTube, Google Calendar, and Google Keep, all generate databases with your unique Google User ID in its name. Your Google User ID allows Google to access your publicly-available information, such as your profile picture, which the Safari bug can expose to other websites. 1 Quote Link to comment Share on other sites More sharing options...
Midnightsun Posted January 17, 2022 Report Share Posted January 17, 2022 4 minutes ago, r2d2 said: can leak your recent browsing activity and personal identifiers The bug could expose your Google User ID to other sites. FingerprintJS found that Apple’s application of the IndexedDB API in Safari 15 actually violates the same-origin policy. When a website interacts with a database in Safari, FingerprintJS says that “a new (empty) database with the same name is created in all other active frames, tabs, and windows within the same browser session.” This means other websites can see the name of other databases created on other sites, which could contain details specific to your identity. FingerprintJS notes sites that use your Google account, like YouTube, Google Calendar, and Google Keep, all generate databases with your unique Google User ID in its name. Your Google User ID allows Google to access your publicly-available information, such as your profile picture, which the Safari bug can expose to other websites. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.