[Standards] XHTML <img/> presence leak

Peter Saint-Andre stpeter at jabber.org
Tue Mar 6 17:06:45 UTC 2007


Kevin Smith wrote:
> On 5 Mar 2007, at 20:45, Peter Saint-Andre wrote:
>> Does this text address the concern?
>>
>> "Because images served on the Internet may contain malicious 
>> instructions or software code and may enable the entity serving the 
>> image to determine the network availability of the requesting entity, 
>> an implementation MAY choose not to show images but instead show only 
>> the 'alt' text or to not fetch images offered by entities that are not 
>> authorized to view the user's presence."
> 
> Looks like it to me.

OK, we'll put that on the agenda for the next Council meeting.

Peter

-- 
Peter Saint-Andre
XMPP Standards Foundation
http://www.xmpp.org/xsf/people/stpeter.shtml

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20070306/0917ce8c/attachment.bin>


More information about the Standards mailing list