IFrame Tag Allows Google My Search History Spam

    May 18, 2005

A method in which Google’s My Search History can be spammed has been revealed. The method involves employing an iframe html tag performing an unauthorized Google search.

The method of planting entries into My Search History was revealed by Google Blogoscoped. By using a hidden iframe html tag, it is possible to plant search entries into other users of My Search History.

When a user comes across with a page containing the hidden iframe, they unwittingly generate a Google search, which is defined by the iframe parameters. An entry on the SearchEngineWatch blog reveals the method used to plant these search queries:

<iframe src=”http://www.google.com/search?q=
border=”0″ style=”width: 0; height: 0; border: 0; overflow: hidden”>

When a page is loaded with this particular iframe present, the user who viewed the page will find this entry in their Google search history: Google+Blogoscoped+sneaked+in+through+the+backdoor&hl=en”>Google Blogoscoped sneaked in through the backdoor…

Interesting stuff. Hopefully, Google can find a way before someone exploits this maliciously.

Chris Richardson is a search engine writer and editor for WebProNews. Visit WebProNews for the latest search news.