45Likes
LinkBack URL
About LinkBacksand why not?Originally Posted by tata668
We are the best invite forum on the internet! Here you will find free invites, free seedboxes, free bonuses, and much more. Our members know the true meaning of sharing and have created a truly global bittorent community! Our site has the most up to date information on all private trackers and our members will guide you and introduce you to this truly secretive and enlightened club. Ready to get started? Register now!
and why not?
Because the "visited" css style of the links is useful on some websites. It helps you visually see which links you visited and which ones you didn't.
Last edited by tata668; November 23rd, 2009 at 05:20 AM.
I decided to modify the original historyblock extension by myself, to prevent ALL history hacks. I don't like the idea to disable visited_links_enabled in the preferences because, as I said, the "visited links" style is really useful on some sites. I don't like the idea to disable history for all sites either.
I may start the extension from scratch, since what my modified extension does is different from the historyblock extension: it allows to select sites for which private browsing mode is automatically started. You are then 100% sure that the sites you added to the list won't leak history info. This is the only way I found to be 100% proof to history hacks. Trying to delete the history of a site, without entering in private browsing mode, didn't help in the case the page containing the history hack is already loaded.
I hardcoded "torrent-invites.com" in the modified extension, so you only have to install the extension, without the need to add "torrent-invites.com" to the list by yourself, and no history hack would ever be possible for this site!
The modified extension: historyblock-1.3.3.4-fx-modifiedForTotalHistoryHacksPrevention.xpi
Open the .xpi file with firefox or download it and drag/drop it in firefox. Restart. Go to http://www.torrent-invites.com and private browsing mode should start automatically.
Ctrl-Shift-P to exit private browsing mode (or use the menu).
The only file I modified from the original extension is /chrome/content/overlay.js. You can open the .xpi using any unzipping program (winrar, winzip, wathever) to check the modified code.
You can test the modified extension by adding "google.com" to the site list and then by visiting this history hacks site (be sure your history is clean to begin): google.com will never be seen as "visited". If you find a way for the "visited" flag to appear, please tell me, it's a bug.
Be sure you don't install this modified extension and the original extension at the same time.
I'm not responsible for anything if you use this extension. If some developers want to double-check my modifications, I would be glad. I will wait to see if people here think it's useful and what are their suggestions to improve it. Maybe some people will prefere this to the visited_links_enabled trick. All comments are appreciated.
Credits to Kain, the author of the original extension.
Well, I found a problem with my modified extension: no cookies are saved in private browsing mode and this is not really cool on a forum based site like torrent-invites.com. Damn!
New idea: I'll try to modifiy historyblock so that if you try to load a site on your list and that there are other tabs open, a popup will ask you if you want to close all the others tabs before loading the site.
This would workarounds the issue with historyblock : an already loaded site in one tab can always sees if you visite a site in another tab using the css history hack (a:visited is automatically triggered)
By the way, sorry if I bother you! I hope some of you are interested in my experimentations....
Last edited by tata668; November 23rd, 2009 at 05:01 PM.
I give up. I'm unable to reliably clear the history of a site.
My suggestions and I'm done:
1. Do not rely on historyblock, this extension doesn't work. I mean at all. The only time it actually clears the history of a site is when the site is open in a tab and you close the tab. All the other situations FAIL:
- Open a blacklisted site (let's say google.com) in a tab, then on the same tab or in another tab go to CSS History Hack Without JavaScript using a bookmark or by typing the url: FAILS
- Open a blacklisted site (let's say google.com) in a tab, then open another site in the same tab using a bookmark or by typing the url. Close the tab. Go to CSS History Hack Without JavaScript in any tab: FAILS . It fails because the history of a blacklisted site will only be cleared if it's the current site when you close the tab!! What a joke.
2. Disabling layout.css.visited_links_enable works but it sucks in my opinion. This extension (info) can help a little but I still don't like the idea to disable this preference.
3. Disabling the history on all sites is not for me, it sucks.
4. Using the private browsing mode for TI sucks too because the cookies won't be kept.
What are the remaining possibility?
As Vegas says: OPTION 3 - Use a Different Browser for TI. This is the best option in my opinion.
In fact, if I try to modify the historyblock extension again, it will probably to make it open another browser (probably chrome) when loading a blocked site.
Last edited by tata668; November 24th, 2009 at 12:29 PM.
hey i need some help. i did one of the prevention measure you told me too. but after i did it my history doesnt save anymore:( is there anyway to fix that but still be protected.
Damn.. I doubt just deleting history will do anything - hopefully using incognito/private browsing should keep us safe
Thanks Vegas, for this useful info.
OPTION 1, didnt work for me cos' when I typed the second step in the filter list the page just remained blank and third step did not appear. So could not proceed any further.
OPTION 2, Worked out fine and I hope to be safe from further hacking attempts if any.
One doubt though. Does asking the browser (Firefox or IE) to remember the User names and passwords cause any sort of trouble ? Kindly opine.
Regards
No need to worry. Remembering login information will not expose you to the CSS hack.
Posting Permissions
Reply With Quote
