A Favicon bug lets Chrome and Firefox download huge favicon files to the point they crash the browser:
Andrea De Pasquale posted a tweet saying "Weird 64MB favicon.ico turning out to be a TAR backup of the whole WP site, downloaded by every browser passing by."
This creepy bug makes Chrome and Firefox download the huge favicon files to the point till they crash the browser. The silliest part is that the users are not at all aware of this download as it is all done in the background and who is truly to be blamed for this.
[...] Technically, the existence of this bug is no surprise, as there is no rule of standard anywhere which states that the favicon files have to be below a specified limit. As a matter of fact, the favicon files need not have to be .ico files. A lot of GIF, PNG or JPEG files are used with popular websites, and there are no limitations linked to the file's extension.
(Score: 2, Insightful) by MichaelDavidCrawford on Tuesday June 23 2015, @03:47PM
Iirc some browser just started displaying fab icon.ico if one was available. I don't object to vendor extensions but it should have been submitted to the w3c so they could specify just what a fab icon actually is.
If you can crash a browser then likely a specially crafted Davison could install malware.
By the way soes anyone know how to totally disable iOS autocorrect?
Yes I Have No Bananas. [gofundme.com]
(Score: 0) by Anonymous Coward on Tuesday June 23 2015, @03:51PM
<input autocorrect="off" autocapitalize="off">
(Score: 5, Insightful) by WizardFusion on Tuesday June 23 2015, @04:03PM
By the way soes anyone know how to totally disable iOS autocorrect
At the risk of being marked as a troll, don't use apple products.
(Score: 2) by MichaelDavidCrawford on Tuesday June 23 2015, @05:02PM
and led the standards committee that defined a protocol for interapplication text processing.
to me autocorrect is particularly vexing because spellswell and lookup both worked better in the 1980s. apple could have licensed our oem engine rather than coming up with this crud at great expense.
Yes I Have No Bananas. [gofundme.com]
(Score: 2) by kaszz on Wednesday June 24 2015, @12:30AM
The licensing conditions for Spellswell perhaps wasn't what Apple liked?
(Score: 3, Touché) by vux984 on Wednesday June 24 2015, @02:11AM
In that they existed? Apple seems more prone to NIH syndrome than many companies I've seen.
(Score: 2) by MichaelDavidCrawford on Wednesday June 24 2015, @05:49AM
we earned our coin selling specialty dictionaries like legal and medical.
Yes I Have No Bananas. [gofundme.com]
(Score: 2) by LoRdTAW on Wednesday June 24 2015, @03:17PM
Their version of NIH is to buy out whoever has what they are looking for: https://en.wikipedia.org/wiki/List_of_mergers_and_acquisitions_by_Apple [wikipedia.org]
A good example are their ARM SoC's which are developed by the Intrinsity [wikipedia.org] team. Many people think these big tech companies are magical workshops that spawn awesomeness. When in reality, they just go around buying out the good ideas and consolidating them behind a minefield of patents.
(Score: 0) by Anonymous Coward on Tuesday June 23 2015, @05:10PM
I hate this victim-blaming nonsense. You're saying that the way to prevent having your home broken into is to not have a home, and the way to prevent having your stuff stolen is to not own anything. Stop it with this bullshit, its disgusting. It doesn't help anything and just lets everyone know what an asshole you are.
(Score: 5, Informative) by Tramii on Tuesday June 23 2015, @04:20PM
(Score: 4, Informative) by kaszz on Wednesday June 24 2015, @12:48AM
Once upon a time in 1999, Microsoft released Internet Exploiter number 5 and its users in an comatose bliss started to spew requests for /favicon.ico into web server logs. It was like wtf is that for? and then, purpose? and then, aha eye candy for people that are look-new-shiny-bling-bling.
As there is a file format called "ICO" perhaps it's time to specify that as the image format? and then the maximum pixel and filesize?
Seems some browsers have problems displaying large pictures regardless so it could be beneficial to implement some kind of hard limit on images regardless. Like "This image will be 40 000 x 20 000 pixels and using 2.2 GB memory, are you sure you want to display it?" along with free RAM and swap information.
As for standard committees, Microsoft just steamrolls them.
(Score: 1) by ledow on Wednesday June 24 2015, @02:04PM
If your favicon is over 32Kb, we just don't display it.
See how long it takes for everyone to shrink their favicons back to a sensible size or feel the wrath of users who "only get the little default icon on your website, but not your competitor".