Browse Definitions :
Definition

URL poisoning (location poisoning)

URL poisoning, also known as location poisoning, is a method of tracking Web user behavior by adding an identification (ID) number to the page address (Uniform Resource Locator) line of the Web browser when a user visits a particular site. This ID number can then be used to determine which pages on the site the user visits thereafter. Aggregating this kind of information can be useful for understanding how a user gets to a page, what products or services they may be interested in, and correlating user behavior to demographics.

URL poisoning resembles the use of cookies. However, with URL poisoning, a user has no easy way to opt out. A server that employs URL poisoning assigns the ID as soon as the first page of the site is visited. The Web browser then considers this ID to be part of the URL. The ID remains and is recorded as long as the user visits other pages on the same site. It can also stay with the browser when the user visits Web sites that cooperate with the original site in tracking a user's page sequence. Because a user may not want anyone to track pages that are visited, the use of URL poisoning is somewhat controversial.

This was last updated in March 2011

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

SearchCompliance

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

  • PCI DSS (Payment Card Industry Data Security Standard)

    The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to ...

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

SearchSecurity

  • tokenization

    Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential ...

  • incident response

    Incident response is an organized approach to addressing and managing the aftermath of a security breach or cyberattack, also ...

  • Federal Information Security Management Act (FISMA)

    The Federal Information Security Management Act (FISMA) is United States legislation that defines a framework of guidelines and ...

SearchHealthIT

SearchDisasterRecovery

  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

  • cloud disaster recovery (cloud DR)

    Cloud disaster recovery (cloud DR) is a combination of strategies and services intended to back up data, applications and other ...

SearchStorage

Close