Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

x/pkgsite: image in readme and privacy #43114

pierrre opened this issue Dec 10, 2020 · 2 comments

x/pkgsite: image in readme and privacy #43114

pierrre opened this issue Dec 10, 2020 · 2 comments


Copy link

@pierrre pierrre commented Dec 10, 2020

If a readme includes images, they're showed directly on
It could cause privacy/security issue:

  • the image could be used to track users (statistics/IP/etc...)
  • if the image is "malicious", and the web browser has a bug, it could crash it, or execute arbitrary code

We should probably have an image proxy (similar to what Github does).

I'm surprised nobody reported it already.
I haven't found any similar issue on the tracker.
Maybe I didn't search correctly.

@gopherbot gopherbot added the pkgsite label Dec 10, 2020
@gopherbot gopherbot added this to the Unreleased milestone Dec 10, 2020
@jamalc jamalc modified the milestones: Unreleased, pkgsite/unplanned Dec 10, 2020
Copy link

@julieqiu julieqiu commented Dec 10, 2020

Closing this as a duplicate of #37128.

@julieqiu julieqiu closed this Dec 10, 2020
Copy link

@pierrre pierrre commented Dec 11, 2020

sorry for the duplicate, I couldn't find this other issue in my search.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
4 participants