posted 12 years ago
Hello all....
I have a question.....
Given the two tags (pixel image call / web bug) bellow (which perform HTTP calls to other domains than the ones of the page that they are running).....
For what concerns CSS and CSRF......
- What is the REAL possibility of having logic embedded into the image GIF which is supposed to be delivered as part of the HTTP response?
- Could the browser end up running malicious code and crash the user's browser?
- any other threat here?
- What is the possibility of having logic embedded into the response?
- Could the browser end up running malicious code here?
- any other threat here?
Thank you in advance,