Safari Bug causes security vulnerability to your Google account and browsing history
- Euri
- Jan 16, 2022
- 1 min read

Ah crap. In my opinion, a very concerning Safari bug has been discovered by FingerprintJS that it can leak information about your Google account and your recent browsing history. And that Safari bug comes from its IndexedDB implementation.
The good news is that they have reported it to Apple! But the bad news is they have not yet responded, and the bug affects to literally all platforms such as: iOS, iPadOS, and macOS, and all versions of Safari. And I’m afraid, there is also no perfect get around to the problem as one solution is to disable JavaScript but will just ruin your experience. If you are bothered by this bug, you can always alternatively use other browsers for now but is only applicable for macOS.
If you love to discover about this bug, I can give you a kinda extended version of this. This bug could let any website get and use your Google User ID to find personal information about you (like your profile picture) as it is used to make API requests to other Google services, and can get domains from your recent browsing history, resulting in your privacy violations. Don’t believe me? There is a live demo concept of this but take it at your own risk.
Comments