by Giorgio Maone » Tue May 10, 2011 2:53 pm
It's not trivial, since they're seen as normal cross-site image loads.
However, the attack requires JavaScript enabled on the attacker's site, so NoScript already protects against it.
It's not trivial, since they're seen as normal cross-site image loads.
However, the attack requires JavaScript enabled on the attacker's site, so NoScript already protects against it.