Heya, maybe this can give a first hint? http://www.reddit.com/r/netsec/comments/2djtkt/deanonymizing_facebook_users_by_csp_bruteforcing/
Cheers, C. (sorry, I sent it to Harlo directly -.-. Missing "reply-to" field in here) On 08/15/2014 12:57 PM, Harlo Holmes wrote: > Good point, HC. Do any of you have any experience with this? > > does anyone know if content security policy headers are properly > acknowledged by all browsers? (i.e. would chrome's pre-fetching behavior > make that header less effective?) > ---------- Forwarded message ---------- > From: "Hans-Christoph Steiner" <[email protected]> > Date: Aug 14, 2014 5:09 PM > Subject: Re: [Guardian-internal] quick question about content security > headers > To: <[email protected]> > Cc: > > > Sounds like a good question for guardian-dev. I don't know the answer to > that... > > .hc > > Harlo Holmes wrote: >> does anyone know if content security policy headers are properly >> acknowledged by all browsers? (i.e. would chrome's pre-fetching behavior >> make that header less effective?) >> >> thanks! >> harlo >> >> ++++++++++++++++++++++++++ >> Research Fellow, Head of Metadata >> The Guardian Project <https://guardianproject.info> >> >> pgp: 0xA4469630 >> twitter: @harlo >> >> >> >> _______________________________________________ >> Guardian-internal mailing list >> >> Post: [email protected] >> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-internal >> >> To Unsubscribe >> Send email to: [email protected] >> Or visit: %(user_optionsurl)s >> >> You are subscribed as: %(user_address)s >> > > -- > PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81 > _______________________________________________ > Guardian-internal mailing list > > Post: [email protected] > List info: https://lists.mayfirst.org/mailman/listinfo/guardian-internal > > To Unsubscribe > Send email to: [email protected] > Or visit: %(user_optionsurl)s > > You are subscribed as: %(user_address)s > > > > _______________________________________________ > Guardian-dev mailing list > > Post: [email protected] > List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev > > To Unsubscribe > Send email to: [email protected] > Or visit: > https://lists.mayfirst.org/mailman/options/guardian-dev/guardian%40ethack.org > > You are subscribed as: [email protected] > _______________________________________________ Guardian-dev mailing list Post: [email protected] List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To Unsubscribe Send email to: [email protected] Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/archive%40mail-archive.com You are subscribed as: [email protected]
