Firefox developers say they're close to plugging an information leakage hole
that has plagued every major browser for more than a decade.
The cascading style sheets history attack makes it easy for web masters to
compile vast lists of links visitors have previously viewed. It exploits
technology in virtually every browser that causes visited links to be displayed
in purple rather than blue. Mozilla has classified the weakness as a bug since
at least 2002.
But fixing it has proved to be a vexing problem, largely because programmers
didn't know how to close the hole without breaking key web functionality. Many
proposed fixes threatened to bring browsers to a crawl or prevent users from
knowing whether they had previously visited a website, trade-offs Mozilla,
Microsoft and other browser makers have largely considered unacceptable.