Category: Network and Security

2012-06-27 13:35:30

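This thing is fairly sensitive and is a double-edged sword, so I don't want to go into too much detail on the blog.

This is a project that puts a permanent mark on the client. I have written about similar techniques on this blog before, and many advertising providers use them heavily.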


Specifically, when creating a new cookie, it uses the following storage mechanisms when available:
- Standard
- (Flash Cookies)
- Storing cookies in RGB values of auto-generated, force-cached PNGs using HTML5 Canvas tag to read pixels (cookies) back out
- Storing cookies in and reading out
- Storing cookies in HTTP
- Internet Explorer storage
- HTML5 Session Storage
- HTML5 Local Storage
- HTML5 Global Storage
- HTML5 Database Storage via SQLite

TODO: adding support for:
- Silverlight
- caching
- Caching in
- Using Java to produce a unique key based off of NIC info

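For me, the more interesting part is the RGB idea: store the cookie in an image, read it back out on the client, and give the image a very long expiry time (the Expires header, which controls client-side caching and is different from the cookie's expires attribute).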
/* evercookie 0.3, by samy kamkar, 09/20/2010
*  : code@samy.pl
*
* This is the server-side variable PNG generator for evercookie.
* If an HTTP cookie is passed, the cookie data gets converted into
* RGB-values in a PNG image. The PNG image is printed out with a
* 20-year cache expiration date.
*
* If for any reason this file is accessed again WITHOUT the cookie,
* as in the user deleted their cookie, the code returns back with
* a forced "Not Modified" meaning the browser should look at its
* cache for the image.
*
* The client-side code then places the cached image in a canvas and
* reads it in pixel by pixel, converting the PNG back into a cookie.
*
* -samy kamkar
*/

ETag
/* evercookie 0.3, by samy kamkar, 09/20/2010
*  : code@samy.pl
*
* This is the server-side ETag software which tags a user by 
* using the Etag HTTP header, as well as If-None-Match to check
* if the user has been tagged before.
*
* -samy kamkar
*/
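
A defender-side check for the two server behaviours described in the header comments above (a cookie-derived image cached for 20 years with a forced "Not Modified", and tagging through ETag / If-None-Match), given as an added example that is not evercookie's code. The exchange format, finding names and sample traffic are constructed for illustration, and the check assumes the identifier appears verbatim in the ETag.

```javascript
// Added example, not evercookie code. All sample traffic below is constructed.
const YEAR_MS = 365 * 24 * 3600 * 1000;

// "a=1; b=2" -> ["1", "2"]
function cookieValues(header) {
  return (header || "").split(";")
    .map(p => p.trim().split("=").slice(1).join("="))
    .filter(v => v.length > 0);
}

// ex: {time, req: {headers}, res: {status, headers}}, header names lower-case.
function auditExchange(ex, maxCacheYears = 1) {
  const findings = [];
  const values = cookieValues(ex.req.headers["cookie"]);
  const etag = (ex.res.headers["etag"] || "").replace(/^W\//, "").replace(/^"|"$/g, "");
  // ETag repeats a cookie value: the cache validator now carries the identifier.
  if (etag && values.includes(etag)) findings.push("etag-echoes-cookie");
  // Cookie-dependent response cached for years (the PNG generator uses 20).
  const expires = Date.parse(ex.res.headers["expires"] || "");
  if (values.length && !Number.isNaN(expires) && expires - ex.time > maxCacheYears * YEAR_MS)
    findings.push("long-lived-cookie-dependent-cache");
  // 304 although the request carried no validator: a forced "Not Modified".
  const conditional = "if-none-match" in ex.req.headers || "if-modified-since" in ex.req.headers;
  if (ex.res.status === 304 && !conditional) findings.push("unconditional-304");
  return findings;
}

const NOW = Date.parse("2012-06-27T00:00:00Z");
const SAMPLES = [
  { name: "etag-tag", time: NOW, req: { headers: { cookie: "uid=abc123" } },
    res: { status: 200, headers: { etag: "abc123" } } },
  { name: "png-20y", time: NOW, req: { headers: { cookie: "uid=abc123" } },
    res: { status: 200, headers: { expires: "Sun, 27 Jun 2032 00:00:00 GMT" } } },
  { name: "forced-304", time: NOW, req: { headers: {} },
    res: { status: 304, headers: {} } },
  { name: "normal-revalidation", time: NOW, req: { headers: { "if-none-match": '"5f3a"' } },
    res: { status: 304, headers: { etag: '"5f3a"' } } },
];

function auditAll(samples) {
  return Object.fromEntries(samples.map(s => [s.name, auditExchange(s)]));
}

console.log(auditAll(SAMPLES));
```

Because both mechanisms live in the browser cache, deleting cookies alone leaves them in place; the cached entries have to be cleared as well.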
