Thursday, June 19, 2014

We've brought back the Facebook page

Please Like us on Facebook. Also, a reminder that you can follow us on Twitter @RRFMToronto.

1 comment:

  1. Most instances of this exploit rely on trying to load an HTML page via an img tag. Wouldn't it be possible for the server to recognize this by the different Accept request header? So the exploit surface remaining is only real images being loaded, which could be dealt with by not doing redirects on images, or at least not doing redirects that expose information.facebook

    ReplyDelete