IFrame Tag Allows Google My Search History Spam
A method in which Google’s My Search History can be spammed has been revealed. The method involves employing an iframe html tag performing an unauthorized Google search.
The method of planting entries into My Search History was revealed by Google Blogoscoped. By using a hidden iframe html tag, it is possible to plant search entries into other users of My Search History.
When a user comes across with a page containing the hidden iframe, they unwittingly generate a Google search, which is defined by the iframe parameters. An entry on the SearchEngineWatch blog reveals the method used to plant these search queries:
border=”0″ style=”width: 0; height: 0; border: 0; overflow: hidden”>
When a page is loaded with this particular iframe present, the user who viewed the page will find this entry in their Google search history: Google+Blogoscoped+sneaked+in+through+the+backdoor&hl=en”>Google Blogoscoped sneaked in through the backdoor…
Interesting stuff. Hopefully, Google can find a way before someone exploits this maliciously.