History.state can leak the state data from cross domain pages

2012-03-26T00:00:00
ID OPERA:1012
Type opera
Reporter Opera
Modified 2012-03-26T00:00:00

Description

When a site uses history.pushState and history.replaceState to add or replace history entries, it can also provide optional data, which may typically be used to restore the given state when the user navigates through their browser history. When pages with cross-domain frames use this functionality, Opera does not restrict that state data to the page that created it, and may allow other pages in that frame hierarchy to read the state data. This could leak whatever data is stored, which may in rare cases contain sensitive information.
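One way for a site to limit what such a leak exposes, as an added example that is not part of Opera's advisory or its fix: the state object carries only an opaque key, and the data itself stays in same-origin storage. The function names, the `hstate:` prefix and the in-memory stand-ins are hypothetical; in a browser, pass `window.history` and `window.sessionStorage`.

```javascript
// Added example: keep sensitive values out of history state entirely.
// `hist` is window.history and `store` is window.sessionStorage in a browser;
// both are parameters so the logic can be exercised outside one.
const PREFIX = 'hstate:'; // hypothetical storage-key prefix

function newKey() {
  // Uniqueness is enough: the key carries no data, and the store it indexes
  // is readable only by the origin that wrote it.
  return Date.now().toString(36) + '-' + Math.random().toString(36).slice(2);
}

// Push a history entry whose state object holds only an opaque key.
function pushOpaqueState(hist, store, data, title, url) {
  const key = newKey();
  store.setItem(PREFIX + key, JSON.stringify(data));
  hist.pushState({ key }, title, url);
  return key;
}

// Resolve a state object (from history.state or a popstate event) to its data.
// Returns null for foreign, malformed or unknown state instead of trusting it.
function resolveState(store, state) {
  if (!state || typeof state.key !== 'string') return null;
  const raw = store.getItem(PREFIX + state.key);
  if (raw === null) return null;
  try { return JSON.parse(raw); } catch (e) { return null; }
}

// Constructed in-memory stand-ins for history and sessionStorage.
function makeFakes() {
  const map = new Map();
  const entries = [];
  return {
    hist: {
      pushState: (s, t, u) => entries.push({ state: s, url: u }),
      get state() { return entries.length ? entries[entries.length - 1].state : null; },
    },
    store: {
      setItem: (k, v) => map.set(k, String(v)),
      getItem: (k) => (map.has(k) ? map.get(k) : null),
    },
    entries,
  };
}
```

A page in the frame hierarchy that reads this state sees only the key, which is meaningless without access to the originating site's storage.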