--- Comment #11 from Brian Jason Drake <> 2010-12-30 
12:27:59 UTC ---
(In reply to comment #10)
> (In reply to comment #8)
> > It’s more than “moderately annoying” [0]. You said it yourself: the images
> > could be replaced with something “malicious”. It’s more obvious how this 
> > could
> > be a security risk when you consider that images could be used by gadgets or
> > user scripts.
> The images are cross-origin, so they can do basically nothing different from 
> if
> they were on some totally different site in a different tab.  Gadgets and user
> scripts cannot (AFAIK) access the contents of files at
> all.  Pretty much anything an attacker could do by MITMing these images, they
> could do by MITMing some unrelated site you have open, assuming you have at
> least one unsecured connection open.  So that point is, yes, at most 
> moderately
> annoying.
> The issues of replacing the scripts, and snooping on the images to figure out
> what pages you're viewing, are the significant ones.

True, the images are cross-origin, and cannot in themselves do anything. True,
gadgets and user scripts cannot access the contents of

However, gadgets and user scripts can cause these files to be displayed on the
current page. Once this is done, the images have meaning to the person viewing
the page, who may make important decisions based on them. The EFF gives a nice

“Nor is it safe to reference images via HTTP: What if the attacker swapped the
Save Message and Delete Message icons in a webmail app?”

So this issue is potentially more than moderately annoying: in fact, it is just
as important as the other issues, in general. (However, for most users on the
Wikimedia sites, it is probably far less important than the other issues.)

Configure bugmail:
------- You are receiving this mail because: -------
You are on the CC list for the bug.
Wikibugs-l mailing list

Reply via email to