Apple Safari has become the first major browser to be purged of one of the web's longest-running privacy defects: The ability for any site owner to effortlessly steal a complete copy of your recent browsing history. The browser history disclosure leak is as old as the World Wide Web itself, and it afflicted every major browser …
Didn't work on my browser
I'm running Firefox 3.6.3 on Windows XP. When I visited both of the test sites with Private Browsing enabled, they found nothing. Private Browsing can be enabled by default (under Tools > Options... > Privacy).
nice to know how to do it manually but not turned off at the finnish of the install of the browser is insane.
I am sure they did this to appease websites to make money from your info
Google Chrome dev channel appears to be fixed already
The two sites linked in the article failed to find any history. My version of Chrome is 6.0.422.0.
As old as the web?
"The browser history disclosure leak is as old as the World Wide Web itself"
JS not required
You missed the point arguing semantics
CSS isn't "as old as the World Wide Web itself" either.
on my mac with firefox 3.6.3, i went on both sites and it showed no history, i have not got my private browsing set to on.
my system clears all history when i close browser and also all cache, cookies etc sametime.
I also have system fully Stealthed to internet, i do this with all systems.
so no problems here then :-)
If your browser doesn't save any history, then there is no history to be retrieved.
The problem is that some of us find the history function rather useful, so I for one welcome, etc etc
"As old as the web"?
HTML was around for a while before css become available.
A risk/benefit analysis
"The history leak is the result of [...] technology that causes a browser to display links that have been visited in a different color than addresses that have not been visited."
Shit. It would be disastrous if that ever broke.
"It also allows webmasters to customize content and user interfaces on their sites based on the links individual users regularly visit."
You mean, it lets them violate your privacy? Er, yes, that's rather the point.
"Microsoft has so far [only warned] that browser fixes could break websites."
For the reasons given above, I'm inclined to think that this is a load of cobblers. Is there something I've missed? As far as I can see, not only is this an easy fix but it has actually been fixed (through private browsing) in several browsers with no observable ill effects whatsoever.