diff --git a/chapters/methods.tex b/chapters/methods.tex index 87b7097..826c1eb 100644 --- a/chapters/methods.tex +++ b/chapters/methods.tex @@ -51,12 +51,12 @@ specification to include where and how a particular resource can be found. \glspl{URI} consist of multiple parts: \begin{enumerate} - \item a scheme (in some cases a specific protocol), - \item an optional authority (network host or domain name), - \item a path (a specific location on that host), - \item an optional query and - \item an optional fragment preceded by a hashtag (a sub resource pointing to - a specific location within the resource) + \item a scheme (in some cases a specific protocol), + \item an optional authority (network host or domain name), + \item a path (a specific location on that host), + \item an optional query and + \item an optional fragment preceded by a hashtag (a sub resource pointing to + a specific location within the resource) \end{enumerate} To access a section called \texttt{introduction} in a blog post named @@ -116,11 +116,11 @@ user identifier. Once the \emph{submit} button has been clicked, the identifier is sent to the server along with the data the user has filled in. \begin{listing} - \inputminted[frame=lines,framesep=2mm,bgcolor=light-gray,baselinestretch=1.2,fontsize=\scriptsize,linenos]{html}{code/hidden-web-form.html} - \caption{Example of an \gls{HTTP} form containing a hidden field with - \texttt{id=userId}. The id is set by the web server dynamically so that every -visitor has his/her unique identifier attached to the form.} - \label{lst:hidden web form} + \inputminted[frame=lines,framesep=2mm,bgcolor=light-gray,baselinestretch=1.2,fontsize=\scriptsize,linenos]{html}{code/hidden-web-form.html} + \caption{Example of an \gls{HTTP} form containing a hidden field with + \texttt{id=userId}. The id is set by the web server dynamically so that every + visitor has his/her unique identifier attached to the form.} + \label{lst:hidden web form} \end{listing} \subsection{HTTP Referer} @@ -135,7 +135,7 @@ web page and the current web page is sent as a \gls{URL} in the \gls{HTTP} Referer field. The header with the referrer information gets attached to the \gls{HTTP} request which is sent to the server. The server responds with the requested web page and can establish a link from the original web page to the -new web page. When applied to a majority of the requests on a site, the +new web page. When applied to a majority of the requests on a site, the resulting data can be analyzed for promotional and statistical purposes. \citeauthor{malandrinoPrivacyAwarenessInformation2013} have shown that the \gls{HTTP} Referer is one of the most critical factors in leaking \gls{PII} @@ -283,15 +283,15 @@ user agent \cite[Section 4.1.2.3]{barthHTTPStateManagement2011}. The same-origin policy applies to cookies, disallowing access by other domains. \begin{listing} - \inputminted[frame=lines,framesep=2mm,bgcolor=light-gray,baselinestretch=1.2,fontsize=\scriptsize,linenos]{http}{code/session-cookie-header} - \caption{An example of an \gls{HTTP} header setting a session cookie.} - \label{lst:session cookie header} + \inputminted[frame=lines,framesep=2mm,bgcolor=light-gray,baselinestretch=1.2,fontsize=\scriptsize,linenos]{http}{code/session-cookie-header} + \caption{An example of an \gls{HTTP} header setting a session cookie.} + \label{lst:session cookie header} \end{listing} \begin{listing} - \inputminted[frame=lines,framesep=2mm,bgcolor=light-gray,baselinestretch=1.2,fontsize=\scriptsize,linenos]{http}{code/permanent-cookie-header} - \caption{An example of an \gls{HTTP} header setting a permanent cookie.} - \label{lst:permanent cookie header} + \inputminted[frame=lines,framesep=2mm,bgcolor=light-gray,baselinestretch=1.2,fontsize=\scriptsize,linenos]{http}{code/permanent-cookie-header} + \caption{An example of an \gls{HTTP} header setting a permanent cookie.} + \label{lst:permanent cookie header} \end{listing} Distinguishing tracking and non-tracking cookies can be done with high accuracy @@ -361,7 +361,7 @@ Several websites were found using Flash cookies to respawn already deleted \cite{acarWebNeverForgets2014} automated detecting Flash cookies and access to them by monitoring file access with the GNU/Linux \emph{strace} tool \cite{michaelStraceLinuxManual2020}. This allowed them to acquire data about -Flash cookies respawning \gls{HTTP} cookies. Their results show that six of the +Flash cookies respawning \gls{HTTP} cookies. Their results show that six of the top 100 sites use Flash cookies for respawning. Even though Flash usage has declined during the last few years thanks to the @@ -370,7 +370,7 @@ development of the HTML5 standard, \citeauthor{buhovFLASH20thCentury2018} Flash content is still served by 7.5\% of the top one million websites (2017). The W3Techs Web Technology Survey shows a similar trend and also offers an up-to-date measurement of 2.7\% of the top ten million websites for the year -2020 \cite{w3techsHistoricalYearlyTrends2020}. Due to the security concerns in +2020 \cite{w3techsHistoricalYearlyTrends2020}. Due to the security concerns in using Flash, Google's popular video sharing platform YouTube switched by default to the HTML5