[gaia e-mail] sanitizing web-bug images?
axel.grude at googlemail.com
Wed Aug 15 21:38:53 UTC 2012
> Ah, OK. Maybe a setting to determine how small is too small to render? I'm not sure
> if Gaia apps are going to support something like Firefox prefs... That said, if the
> HTML doesn't declare the image size, we can't tell it's 1x1 without downloading it.
Well, that seems to make that plan impossible; leaving out size attributes is a
fairly trivial countermeasure. :(
You won't be able to determine visibility as well if it is achieved with transparency
(or even a white pixel) without downloading the image first. Maybe the "allow remote
images" message could be done in a less obtrusive way (e.g. a small floating "broken
image" button on top right, so there is no space penalty - this could expand into
"load remote images?" when tapped once)
> It might be interesting to run a testpilot to figure out (a) how many external
> references and of what types people receive in email, (b) how many of those declare
> their sizes, and (c) the distribution of sizes (both declared and undeclared) of
> those external objects.
counter measures would be fairly trivial, so I don't know whether this is really worth
the effort unless you plan on developing more sophisticated methods - either way,
welcome to the arms race :S
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the tb-planning