Investigate how we can mitigate thumbnail poisoning.
How the thumbnail get poisoned:
- User uploads a link ( A "Cat" for example )
- Server caches it.
- User changes it to a banana ( or anything WORSE )
- Another user sees the cat in the thumbnail, clicks on it and sees a banana instead
Ideas of mitigating it:
Saving the thumbnail hash and let the frontend warn if the hash doesnt match anymore.
Investigate how we can mitigate thumbnail poisoning.
How the thumbnail get poisoned:
Ideas of mitigating it:
Saving the thumbnail hash and let the frontend warn if the hash doesnt match anymore.