Safari 5 Link selector: bug or security feature? June 7, 2010
Safari 5 came out today. I am still testing. Safari 5 does not support all CSS selectors. While webkit (the engine behind Safari) has been supporting all CSS selectors, including all proposed CSS3 selectors for a long time now, today’s release does not support a:link and a:visited. There is a grid of CSS3 Selectors and Browser support at my other blog, Standardista.com.
I’ll be testing further over the next few days, but since this one is a doozy if it is a bug, and undocumented (my Google skills are failing me at this hour), i wanted to let y’all know now instead of waiting for my full post. Does anyone know if this is a new security feature, or if it is a bug?
You can download safari.
UPDATE:
According to a somewhat hidden security file at Apple, http://support.apple.com/kb/HT4196, this seems like it is actually a security feature:
WebKit: Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.2 or later, Mac OS X Server v10.6.2 or later, Windows 7, Vista, XP SP2 or later
Impact: A maliciously crafted website may be able to determine which sites a user has visitedDescription: A design issue exists in WebKit’s handling of the CSS :visited pseudo-class. A maliciously crafted website may be able to determine which sites a user has visited. This update limits the ability of web pages to style pages based on whether links are visited.
At the time of this writing, it was at the way bottom of the page.
