Safari leaks Google queries

I’ve found yet another hole in Safari, this one leaks search queries or anything in the query string. It works by setting the javascript property “host” and redirects an open window to a page which will display the search query.

Proof of concept

Tested on Safari 2.0.4 on mac and Safari 3.02 beta on windows.

Comments are closed :( too much spam. If you want to contact me about any article please email or tweet me.