[tor-bugs] #7061 [Flashproxy]: Investigate a wordpress.COM solution
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Apr 16 15:18:30 UTC 2013
#7061: Investigate a wordpress.COM solution
------------------------+---------------------------------------------------
Reporter: bastik | Owner: dcf
Type: task | Status: needs_information
Priority: minor | Milestone:
Component: Flashproxy | Version:
Keywords: | Parent:
Points: | Actualpoints:
------------------------+---------------------------------------------------
Changes (by dcf):
* status: new => needs_information
Comment:
Replying to [comment:6 saint]:
> With some .htaccess trickery, you can have an image that (when added as
<img>) is actually an iframe [1]. This technique is frequently used by
spammers to drop cookies.
>
> It's worth testing to see if an actual bridge connection can be made
before giving up on these types of hosted blogs.
>
> [1] https://github.com/glamrock/cupcake/blob/master/img-embed/ideas.md
I am intrigued by this. Do you have any references to examples of it
working? It doesn't work in my test but I might be doing something wrong.
I'm attaching a test program that opens a web server on localhost. When
you browse to localhost:8080, you get served an HTML file with `<img
src="x.png">`. Requesting `/x.png` gets you a 302 redirect to `/x.html`. I
get a "broken image" icon and this message in the Chromium console:
{{{
Resource interpreted as Image but transferred with MIME type text/html:
"http://localhost:8080/x.html".
}}}
If I change the `Content-type` of `/x.html` to be `image/png`, I don't get
the console message, but still the HTML file doesn't show in the space
reserved for the image.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7061#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list