logoalt Hacker News

shaknatoday at 3:46 AM2 repliesview on HN

This would also leave intact cookies, local/session storage, indexeddb, caches. All of which abusers do actually check, when controlling their victims.


Replies

otherme123today at 6:14 AM

A quick check shows that they don't store anything as cookies or any other browser storage.

The thing that still works is the back button after the redirection to Google, and you can still un-close the tab with Ctr-Shf-T which pops the Google page with back history intact. They have "cache-control: max-age=0" which probably should be changed to "cache-control: no-store". Still, the back button has the history if the user clicked links. Improvements could be:

- Recommend the usage of incognito mode.

- Blank the page immediately with "document.body.innerHTML=''" before the page replacement, as the replacement alone can have a delay and the abuser could see a glimpse of the police page. Blanking is immediate.

show 1 reply
make3today at 5:40 AM

I'm sure 99% don't? Unless your abuser is a CS major

show 4 replies