Evercookie
==========
Evercookie is a Javascript API that produces extremely persistent cookies in a
browser. Its goal is to identify a client even after they've removed standard
cookies, Flash cookies (Local Shared Objects or LSOs), and others.
This is accomplished by storing the cookie data as many browser storage
mechanisms as possible. If cookie data is removed from any of the storage
mechanisms, evercookie aggressively re-creates it in each mechanism as long as
one is still intact.
If the LSO mechanism is available, Evercookie may even propagate cookies
between different browsers on the same client machine!
By [Samy Kamkar](http://samy.pl), with awesome [contributions from others](https://github.com/samyk/evercookie/graphs/contributors)
Browser Storage Mechanisms
--------------------------
Client browsers must support as many of the following storage mechanisms as
possible in order for Evercookie to be effective.
- Standard [HTTP Cookies](http://en.wikipedia.org/wiki/HTTP_cookie)
- Flash [Local Shared Objects](http://en.wikipedia.org/wiki/Local_Shared_Object)
- Silverlight [Isolated Storage](http://www.silverlight.net/learn/quickstarts/isolatedstorage/)
- CSS [History Knocking](http://samy.pl/csshack/)
- Storing cookies in [HTTP ETags](http://en.wikipedia.org/wiki/HTTP_ETag) ([Backend server](#backend-server) required)
- Storing cookies in [Web cache](http://en.wikipedia.org/wiki/Web_cache) ([Backend server](#backend-server) required)
- [window.name caching](http://en.wikipedia.org/wiki/HTTP_cookie#window.name)
- Internet Explorer [userData storage](http://msdn.microsoft.com/en-us/library/ms531424.aspx)
- HTML5 [Session Storage](http://dev.w3.org/html5/webstorage/#the-sessionstorage-attribute)
- HTML5 [Local Storage](http://dev.w3.org/html5/webstorage/#dom-localstorage)
- HTML5 [Global Storage](https://developer.mozilla.org/en/dom/storage#globalStorage)
- HTML5 [Database Storage via SQLite](http://dev.w3.org/html5/webdatabase/)
- HTML5 Canvas - Cookie values stored in RGB data of auto-generated, force-cached PNG images ([Backend server](#backend-server) required)
- HTML5 [IndexedDB](http://www.w3.org/TR/IndexedDB/)
- Java [JNLP PersistenceService](http://docs.oracle.com/javase/1.5.0/docs/guide/javaws/jnlp/index.html)
- Java exploit [CVE-2013-0422](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0422) - Attempts to escape the applet sandbox and write cookie data directly to the user's hard drive.
To be implemented someday (perhaps by you?):
- Google Gears
- Using Java to produce a unique key based off of NIC info
- Caching in [HTTP Authentication](http://en.wikipedia.org/wiki/Basic_access_authentication)
- Other methods? Please comment!
The Java persistence mechanisms are developed and maintained by [Gabriel Bauman](http://gabrielbauman.com)
[over here](https://github.com/gabrielbauman/evercookie-applet).
Backend Server
--------------
Some of the storage mechanisms require a backend server. This package comes with PHP implementation of the etag, cache and png backend servers.
- For Node.js version, please visit [node-evercookie](https://github.com/truongsinh/node-evercookie).
- For Django version, please visit [Django Evercookie](https://github.com/gdmka/django_evercookie)
Caveats
-------
Be warned! Evercookie can potentially cause problems for you or your users.
- Some storage mechanisms involve loading Silverlight or Flash in the client
browser. On some machines this can be a very slow process with lots of disk
thrashing. On older mobile devices this can render your site unusable.
- CSS History Knocking can cause a large number of HTTP requests when a cookie
is first being set.
- In some circles, it is considered rude to use Evercookie. Consider your
reputation and your audience when using Evercookie in production.
- Browser vendors are doing their best to plug many of the holes exploited by
Evercookie. This is a good thing for the Internet, but it means what works
today may not work so well tomorrow.
You are responsible for your own decision to use Evercookie. Choose wisely.
Got an idea?
------------
Open a pull request!
没有合适的资源?快使用搜索试试~ 我知道了~
evercookie-master.rar
共46个文件
cs:7个
js:3个
java:3个
需积分: 9 14 下载量 127 浏览量
2014-09-02
10:07:35
上传
评论
收藏 122KB RAR 举报
温馨提示
Evercookie是一个用于向网站标识用户行为的Java Script。Evercookie故名思义可以让Cookie存储在非Cookie目录,例如FlashCookies和HTML5Storage。它的意义在于可以让网站能跟踪用户的上网习惯,即使用户清空了个人目录,它仍旧不会消失。
资源推荐
资源详情
资源评论
收起资源包目录
evercookie-master.rar (46个子文件)
evercookie-master
php
evercookie_png.php 2KB
evercookie_etag.php 2KB
evercookie_cache.php 542B
index.html 13KB
js
jquery.min.js 94KB
evercookie.js 37KB
swfobject-2.2.min.js 10KB
assets
EvercookieEtagServlet.java 2KB
evercookie_sl
evercookie.sln 935B
evercookie
App.xaml.cs 3KB
MainPage.xaml.cs 2KB
MainPage.xaml 749B
evercookie.csproj.user 1KB
Properties
AssemblyInfo.cs 1KB
AppManifest.xml 207B
Bin
Debug
evercookieTestPage.html 3KB
evercookie.pdb 26KB
evercookie.dll 10KB
evercookie.xap 5KB
AppManifest.xaml 349B
App.xaml 293B
obj
Debug
evercookie.csproj.FileListAbsolute.txt 1KB
evercookie.pdb 26KB
evercookie.g.resources 1KB
evercookie.dll 10KB
DesignTimeResolveAssemblyReferencesInput.cache 5KB
MainPage.g.cs 2KB
App.g.i.cs 2KB
MainPage.g.i.cs 2KB
DesignTimeResolveAssemblyReferences.cache 4KB
App.g.cs 2KB
XapCacheFile.xml 595B
evercookie.csproj 5KB
evercookie.suo 25KB
evercookie.jar 11KB
evercookie.fla 41KB
evercookie.xap 5KB
evercookie.swf 340B
evercookie.jnlp 546B
EvercookiePngServlet.java 3KB
EvercookieCacheServlet.java 2KB
README.md 4KB
css
master.css 7KB
.gitignore 49B
demo.html 2KB
ChangeLog 1KB
共 46 条
- 1
资源评论
夏洛2087
- 粉丝: 2
- 资源: 20
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功