The vulnerability of Google Chrome’s browser allows a hacker to determine which website was visited using an HSTS connection.
The vulnerability of the CSPSource::schemeMatches function in the WebKit/Source/core/frame/csp/CSPSource.cpp file of the Content Security Policy implementation in the Blink component of the Google Chrome browser is related to the lack of application of http policies for https addresses and ws...