Monday, April 12, 2010

Bookmarklet Exploitation

A lot of websites now provide a bookmarklet button that performs an action directly. For example, the Share on Facebook bookmarklet, the Read It Later bookmarklet and the Share in Google Reader bookmarklet. This feature is very handy because you just visit any website, click on the bookmark, and something gets posted to your account!

Technically speaking, what happens is this. Assume there's a bookmarklet button B which, when clicked, saves the current page's link to my account on mylistOfURLs.com:
  1. User visits page x
  2. User presses B
  3. What B actually contains is JavaScript that runs as if it had been typed into the location bar, i.e. inside page x, with page x's origin.
  4. The JavaScript code behind the B button sends the current location to mylistOfURLs.com to be saved there.


Am I the only paranoid person here? I see a major security threat. Isn't this just like a universal cross-site scripting vulnerability? What if I manage to change the code of the bookmark button to post the cookie to my website before posting the location to mylistOfURLs.com? Even better, what if I can lure the victim into adding my button, which, when clicked, sends all the information on the active page to me? It's terrifying!

There are also privacy issues here. If mylistOfURLs.com is not a very trustworthy website, I might be afraid to click on its bookmarklet. What if it steals my cookie (conspiracy theory)? What if it reads my Referer (for ad purposes)?

Anyway, my suggestion is: never click on a bookmarklet on a page that has your personal information or that you're logged in to.