This is fixed in 2.01.
Note that this will only track you when you look at the log file.
Update 3/18 But there is a new way that works in 2.01!
Wed Feb 21 23:34:07 EST 1996 REMOTE_ADDR = xxx.xxx.xx.x REMOTE_HOST = xxxxxxxxx.com QUERY_STRING = result=3= http://www.yahoo.com/Business_and_Economy/Companies/Apparel/Lingerie/ HTTP_USER_AGENT = Mozilla/2.0 (X11; I; SunOS 5.4 sun4m) via proxy gateway CERN-HTTPD/3.0 libwww/2.17(The above example was from a test a friend did for me).
The tracker waits 5 seconds before starting. After that, it will continuously report on your browsing until you close those windows.
BTW, as recently as the day I formulated this attack, an engineer at Netscape has this to say:
Date: Wed, 21 Feb 1996 12:28:59 -0800
The copyhistory option was disabled in 2.0b6 to prevent your session history, with potentially secret keys or other URL query strings, from being stolen by malicious hidden scripts.
You can read the article I posted to the RISKS Forum on this problem. That is also available.
Invoke the tracker.
View the last 60 lines of the log file
Remember: We're watching...
Last modified on .
This page accessed times.