FAVICON.ico requests when toggling Mozilla tabs
I was just noodling with an app I'm building in Django, so I've got that framework's development web server open and running locally. To pass the time while debugging, I vapidly started hammering CTRL+TAB, forcing Firefox 2's open tabs to quickly swap between windows.
I've got different pages within the same app, each of which share a HEAD section that references, among other things, JavaScript libraries, stylesheets, RSS feeds, and custom icons. Interestingly, I noticed the server logging GET requests for each page's FAVICON.ico file - not when pages were normally reloaded, but when their tabs were toggled.
I tried the same example in MSIE 7, and it didn't replicate. Interesting.
Might this be a security flaw that could lead to a hacker being able to overload a server with requests by pre-loading a bunch of dummy pages into Firefox at startup and then infinitely looping through the tabs?
I've got different pages within the same app, each of which share a HEAD section that references, among other things, JavaScript libraries, stylesheets, RSS feeds, and custom icons. Interestingly, I noticed the server logging GET requests for each page's FAVICON.ico file - not when pages were normally reloaded, but when their tabs were toggled.
I tried the same example in MSIE 7, and it didn't replicate. Interesting.
Might this be a security flaw that could lead to a hacker being able to overload a server with requests by pre-loading a bunch of dummy pages into Firefox at startup and then infinitely looping through the tabs?
posted by Jason Salas @ 10:10 AM
0 Comments:
Post a Comment
Links to this post:
Create a Link
<< Home