Wednesday, May 7, 2014

Dropbox Vulnerability Affecting Shared Links

Dropbox (via Slashdot):

We wanted to let you know about a web vulnerability that impacted shared links to files containing hyperlinks. We’ve taken steps to address this issue and you don’t need to take any further action.

For background, whenever you click on a link in any browser, the site you’re going to learns where you came from by something called a referer header. The referer header was designed to enable websites to better understand traffic sources. This is standard practice implemented across all browsers.

Their remedy, breaking any existing shared links, seems to be worse than the problem it’s trying to solve.

Comments

Stay up-to-date by subscribing to the Comments RSS Feed for this post.

Leave a Comment