Exploiting IndexedDB API information leaks in Safari 15

This page summarizes the projects mentioned and recommended in the original post on dev.to

Our great sponsors
  • SonarQube - Static code analysis for 29 languages.
  • Scout APM - Less time debugging, more time building
  • SaaSHub - Software Alternatives and Reviews
  • WebKit

    Official git mirror of the WebKit repository, https://svn.webkit.org/repository/webkit, future canonical repository.

    Update (Monday January 17th 2022): Apple engineers began working on the bug as of Sunday, have merged potential fixes, and have marked our report as resolved. However, the bug continues to persist for end users until these changes are released.

  • blog-indexeddb-safari-leaks-demo

    Demo showcasing information leaks resulting from an IndexedDB same-origin policy violation in WebKit.

    We created a simple demo page that demonstrates how a website can learn the Google account identity of any visitor. The demo is available at safarileaks.com. If you open the page and start the demo in an affected browser, you will see how the current browsing context and your identity is leaked right away. Identity data will only be available if you are authenticated to your Google account in the same browsing session.

  • SonarQube

    Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts