The HTTP status codes history hack isn’t exactly about finding out whether a user has visited a webpage, but rather about knowing whether they are currently logged into an account at the specified page. This example shows the exploit using Facebook, but it should be possible to port this to quite a lot of other websites requiring a login at some point.
All we need to do is load the Facebook profile URL in a script tag and attach onload and onerror event handlers to it. The onload event fires if you are logged in; the onerror event fires if you are not. Very simple but also very accurate. See the proof of concept below. You can also log in or out of your Facebook account and reload this page.
And here’s the code:
The hack works in all versions of Firefox, Chrome and Safari; however, it does not work in Internet Explorer or Opera, as these browsers won’t fire the attached events.
More examples of this hack’s usage can be found in this article by Mike Cardwell and this post by Jeremiah Grossman.
If you’d like to have a "real" history hack that tells you whether a user has visited a website without requiring them to be logged into it, please have a look at my blog post on using an IFrame in a scrollable DIV to read browsing history.
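
The status-code probe described above works because the profile URL answers differently depending on the session. As an added example (not code from the original post), the sketch below models a leaky handler next to one that uses the Fetch Metadata request headers to give cross-site script includes the same answer either way; the handler names, the 404 for logged-out users and the request shape are assumptions.

```javascript
// Constructed model of the server side; handler names, the 404 for
// logged-out users and the request shape are assumptions for illustration.

// Leaky: the status code depends only on the session state.
function leakyProfile(req) {
  return { status: req.loggedIn ? 200 : 404 };
}

// Fetch Metadata check: true when the browser says the request is a
// cross-site subresource load (for example <script src>), not a navigation.
function isCrossSiteSubresource(headers) {
  const site = headers['sec-fetch-site'];
  if (!site) return false; // older browsers send no Fetch Metadata
  if (['same-origin', 'same-site', 'none'].includes(site)) return false;
  const topLevelNav = headers['sec-fetch-mode'] === 'navigate' &&
    !['object', 'embed'].includes(headers['sec-fetch-dest']);
  return !topLevelNav;
}

// Hardened: cross-site subresource loads get one fixed answer before the
// session is even looked at, so the status no longer encodes login state.
function hardenedProfile(req) {
  const headers = { 'X-Content-Type-Options': 'nosniff' };
  if (isCrossSiteSubresource(req.headers)) {
    return { status: 403, headers };
  }
  return { status: req.loggedIn ? 200 : 404, headers };
}

// What a third-party page could observe through onload/onerror.
function observedEvent(res) {
  return res.status >= 200 && res.status < 300 ? 'load' : 'error';
}

// True if a cross-site script include can tell the two states apart.
function leaksLoginState(handler) {
  const headers = { 'sec-fetch-site': 'cross-site',
                    'sec-fetch-mode': 'no-cors',
                    'sec-fetch-dest': 'script' }; // constructed sample request
  const seen = [true, false].map(
    loggedIn => observedEvent(handler({ headers, loggedIn })));
  return seen[0] !== seen[1];
}

console.log('leaky handler distinguishable:', leaksLoginState(leakyProfile));
console.log('hardened handler distinguishable:', leaksLoginState(hardenedProfile));
```

Requests from browsers that send no Fetch Metadata headers fall through to the normal handler in this sketch, so they are not covered by the check.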