Comments on Really Really Free Market Campbell Park: We've brought back the Facebook page
Feed updated: 2024-03-17T02:16:03.638-07:00

Anonymous, 2015-02-25T23:56:33.985-08:00:

Most instances of this exploit rely on trying to load an HTML page via an img tag. Wouldn't it be possible for the server to recognize this by the different Accept request header? So the exploit surface remaining is only real images being loaded, which could be dealt with by not doing redirects on images, or at least not doing redirects that expose information.