Miguel Afonso Caetano<p>"It is now time to fix it for good. A new solution has been proposed: partitioning visited link history. This approach fundamentally changes how browsers store and expose visited link data. Instead of maintaining a global list, web browsers will store visited links with a triple-key partition:</p><p>- Link URL. The destination of the visited link.<br>- Top-Level Site. The domain of the main browsing context.<br>- Frame Origin. The origin of the frame rendering the link.</p><p>A link is only styled as :visited if it was visited from the same top-level site and frame origin (...) This approach guarantees isolation and works well with the web's same-origin policy. The system records only navigations initiated by link clicks or scripts—excluding direct address bar entries or bookmark navigations.</p><p>Key benefits of this model include: strong protection against cross-site history leaks, solving for good of many known side-channel attacks, support for meaningful styling within trusted, same-context domains, conforming to established web privacy principles and data protection regulations.</p><p>This feature is already implemented in Chrome (v132, behind a <a href="https://tldr.nettime.org/tags/partition" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>partition</span></a>-visited-link-database-with-self-links flag). I am confident that in 2025 we are going to have this privacy headache solved once and for all."</p><p><a href="https://blog.lukaszolejnik.com/fixing-web-browser-history-leaks/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.lukaszolejnik.com/fixing-</span><span class="invisible">web-browser-history-leaks/</span></a></p><p><a href="https://tldr.nettime.org/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://tldr.nettime.org/tags/WebSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebSecurity</span></a> <a href="https://tldr.nettime.org/tags/Privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Privacy</span></a> <a href="https://tldr.nettime.org/tags/WebBrowser" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebBrowser</span></a> <a href="https://tldr.nettime.org/tags/WebBrowserHistory" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebBrowserHistory</span></a></p>