Apple Blocks Sites From Abusing HSTS Security Standard to Track Users

By Swati Khandelwal

If you are unaware, the security standard HTTP Strict Transport Security (HSTS) can be abused as a ‘supercookie’ to surreptitiously track users of almost every modern web browser online without their knowledge even when they use “private browsing.”

Apple has now added mitigations to its open-source browser infrastructure WebKit that underpins its Safari web browser to prevent HSTS abuse after
