Friday, February 5, 2021

Tracking users with HTML Ping Attribute

 


     The ping attribute was introduced on the <a href> element in HTML5, but because of many privacy concerns it was removed from the standards list. Its purpose is to ping other URLs when a user clicks on a link. It is a dream come true for companies that like to track users. It also makes a hacker's life easy: you click on a button and think you are doing X, but in the background your browser is doing X and Y and Z. You click on a link, and your browser calls other URLs in the background and pings them. What can go wrong with that?

     Now, you might wonder why I am talking about it if it has been removed from the standard. Most browsers still support this feature, and the W3C is trying to bring it back in the HTML 5.3 standard. There are already stories of hackers who used this attribute for DDoS attacks.

     In the following example, the user clicks on a link to go to Google; the browser redirects the user to Google and pings the listed URLs at the same time. So if you are buying a product, companies can notify other companies of what you are buying in real time. They are already doing this, but this attribute makes life much easier for them. The attribute supports multiple values, so you can ping multiple websites.

<a href="http://www.google.com" ping="http://www.iwilltrackyou.com/">Google</a>
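
To audit your own pages for this, the following added example (not code from the original post) scans markup for ping attributes on <a> and <area> elements and flags targets on a different origin than the page. The names findPingTargets and getAttr and the shop.example / metrics.example sample are constructed for illustration, and the scan is a simple regex pass, not a full HTML parser.

```javascript
// Added example: list hyperlink-auditing (ping) targets found in markup.
// Function names and sample markup are constructed for illustration.

// Pull one attribute value out of a tag's attribute text (quoted or bare).
function getAttr(attrs, name) {
  const re = new RegExp(
    "(?:^|\\s)" + name + "\\s*=\\s*(?:\"([^\"]*)\"|'([^']*)'|([^\\s>]+))", "i");
  const m = re.exec(attrs);
  return m ? (m[1] ?? m[2] ?? m[3]) : null;
}

// Return one record per <a>/<area> that carries a ping attribute.
// pageUrl is the URL the markup was served from; it resolves relative
// URLs and decides whether a ping target is on a different origin.
function findPingTargets(html, pageUrl) {
  const pageOrigin = new URL(pageUrl).origin;
  const findings = [];
  const tagRe = /<(a|area)\s([^>]*)>/gi;
  let tag;
  while ((tag = tagRe.exec(html)) !== null) {
    const ping = getAttr(tag[2], "ping");
    if (ping === null) continue; // no ping attribute (data-ping is ignored)
    const targets = [];
    // The attribute holds a whitespace-separated list of URLs.
    for (const raw of ping.split(/\s+/).filter(Boolean)) {
      let url;
      try { url = new URL(raw, pageUrl); } catch { continue; } // unparsable
      // Browsers only send pings to http(s) URLs.
      if (url.protocol !== "http:" && url.protocol !== "https:") continue;
      targets.push({ url: url.href, thirdParty: url.origin !== pageOrigin });
    }
    findings.push({ href: getAttr(tag[2], "href"), targets });
  }
  return findings;
}

// Constructed sample: the link from the post plus a multi-value ping.
const sampleHtml = `
  <a href="http://www.google.com" ping="http://www.iwilltrackyou.com/">Google</a>
  <a href="/cart" ping="/audit https://metrics.example/p" data-ping="x">Cart</a>
  <a href="/about">About</a>`;

for (const f of findPingTargets(sampleHtml, "https://shop.example/index.html")) {
  console.log(f.href, f.targets);
}
```
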

     Let's try this in a local example. I created a link that redirects the user to Google, and I also set a ping URL that pings a local .NET Core function.
The page is very simple, as you can see.


When a user clicks on this link, Visual Studio receives the POST call. You can pass any parameters here if you like.


Here is the request information you can see in Fiddler:


