Philipp Lenssen has an interesting post over at Google Blogoscoped pointing out how easy it is to plant a My Search History entry.

By placing a google search query string into an iframe, you can easily add an entry to any of your visitor’s My Search History.

Philipp’s tricky code:

<iframe src="" style="width:0; height: 0; border: 0; overflow: hidden” border="0></iframe>

Update: Realized my initial post didn’t explain the code fully. So here’s a breakdown of what is happening.

  1. The <iframe> tag loads up google in a hidden frame. This way normal visitors cannot detect it unless they view the webpage source.
  2. The google page is loaded with a query string. Inside the src attribute you can see the entire query. By changing the query, you can insert any search term into Google’s My Search History.
  3. Example:
