Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

>eg viewing a malicous email with the IMG tag in a webmail client

The article mentions it would occur even without opening the email.



Well, it is possible your email client is doing prefetching. I wouldn't rate it as probable, since you're unlikely to have a client with the same cookies than your web browser, but still.

You could also abuse Firefox and Chrome prefetching links. I'm not sure Gmail for example remove prefetching attributes in spam links. They do block images though.


Good point.

Anyways, how would it work with the server receiving any data from the client just by viewing the link in your browser?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: