Information from a browser
Results 1 to 9 of 9

Thread: Information from a browser

  1. #1
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130

    Information from a browser

    In general, what kind of information a webserver (cgi, server side script, etc) can get from a browser?
    - version, patch, config?
    - cookies?
    - history? statistics?

    I mean in a "regular" way, not thru an exploit.
    Meu sítio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  2. #2
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207

    Re: Information from a browser

    Originally posted here by cacosapo
    [B]In general, what kind of information a webserver (cgi, server side script, etc) can get from a browser?
    Not a lot.

    - version, patch,
    The version is normally sent. This may or may not include patch information, it depends on the patch and the browser. Sometimes IE sends stuff about patches.

    config?
    Some of it. Some configuration options are intended to be sent to the server. A good example of this is the configured languages - which is sent to a server to tell it what languages you'd prefer to read.

    Google uses this to automatically set the language of Google.com according to your browser preference.

    This is independent of the browser's UI language, but the default is likely to be the same, for example, in a French version of Mozilla Firefox, it probably defaults to French language preference. This is the "Accept-language" header.

    - cookies?
    Yes and no. Cookies are sent to servers, that is their purpose. But Cookies are site-specific. One site's cookies will never be sent to another site. That would be a privacy risk and would confuse the site.

    - history? statistics?
    No.

    The only history sent, is the "Referer" (note the spelling mistake) header which sends the previous URL, not a complete history. Even then, it only sends it if you clicked on a link to get to the site. If you type in a URL or load it from bookmarks, etc, it won't have a referrer.

    Slarty

  3. #3
    AO's MMA Fanatic! Computernerd22's Avatar
    Join Date
    Mar 2003
    Location
    Miami, FL
    Posts
    795
    Basic information a webserver can get from a browser depends on how the webserver is configured of course whether the webserver is running Apache, IIS, lotus, oracle etc... It can "normally" get the following information: The type of browser the person is using, version of browser, The OS, can get the IP address, Screen size, screen resoultion, cookies for that specific site, Not all webservers are configured to get such information but some are.

  4. #4
    Member
    Join Date
    Aug 2004
    Posts
    95
    - history? statistics?

    Can any one explain what is meant by history?
    Site can deposit more than one cookie, if so at any time when you visit the page, can the site take all the cookies?

  5. #5
    Some Assembly Required ShagDevil's Avatar
    Join Date
    Nov 2002
    Location
    New Jersey
    Posts
    718
    cacosapo,
    You can try http://gemal.dk/browserspy/. Nice little site, very informative. There, you can get some ideas as to what could be revealed about your system from browsing. Remember though, it all depends on the site. Not all sites will retrieve all the information listed on gemal.dk.
    The object of war is not to die for your country but to make the other bastard die for his - George Patton

  6. #6
    Banned
    Join Date
    Apr 2003
    Posts
    1,146
    Originally posted here by anban
    Can any one explain what is meant by history?
    Site can deposit more than one cookie, if so at any time when you visit the page, can the site take all the cookies?
    History is a cache of the local browser of where you have been recently. Go to View, Go To, or drop down the Address bar on your browser. That is your history.

    A site can drop more than one cookie, depending on what behavior the site is tracking. Look back up at Slarty's excellent response, and pay particular attention to the cookies part.

  7. #7
    If you really want to know what a site gathers from your browser, fire up a sniffer and see what happens when you browse a site.
    ethereal.com

  8. #8
    Member
    Join Date
    Dec 2001
    Posts
    84

    Privacy Analysis

    Go to http://privacy.net/ and click on Analyzer at Network-Tools.com/analyze to see what information can be seen while you browse.
    You can\'t squeeze cheese from a goat before it\'s hatched.............

  9. #9
    Senior Member
    Join Date
    Jul 2003
    Posts
    813
    For what is relevant.. typing in

    Code:
    javascript:alert(document.cookie)
    in your browser's address bar [then hit Enter] will show you a prompt with what the cookie for the particular site you're on contains... of course, if you Java Script enabled. This isn't the only thing you can do, I used to know [but fall short of remembering now] how to change the content of cookies and other 'things' from a site using JS in the address bar.

    [edit]

    Seems that whichever way I type it there's a space in the posted code between java and script. That one needs to go for this to work.

    [/edit]
    /\\

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •