Hacker News new | ask | show | jobs
by cjbgkagh 56 days ago
If the file is hashed strongly enough then it can be no other file. I can see how information on previous sites visited can be leaked and how this could be bad but I think whitelisting by end users could still allow some files to be used. E.g. the code for react.
1 comments
stavros 56 days ago
The fact that you don't see it doesn't mean it doesn't exist. I make up a unique file, put it on site X and ask your browser to cache it. I try to load the same file on site Y and time how long it takes. If it's instant, site Y knows you visited site X.

Tadaaa! Tracking.

link
cjbgkagh 56 days ago
I said I ‘can see’ I already understand that. Hence the whitelisting on files that are not unique / created for this purpose.
link
stavros 56 days ago
Ah, my bad, sorry.
link