26 Jan 2010
In this article we present a newly discovered Same Origin Policy (SOP) security issue, identified as Cross-Site History Manipulation.
SOP is the most important security concept of modern browsers: by design, web pages from different origins cannot communicate with each other. The Cross-Site History Manipulation breach is based on our research finding that the client-side browser history object is not properly partitioned on a per-site basis. Manipulating browser history may compromise SOP, allow bidirectional CSRF, and enable other exploitation such as user privacy violation, login status detection, resource mapping, sensitive information inference, users' activity tracking and URL parameter stealing.