GNUCITIZEN - JavaScript Remoting Dangers by Acidus at 11:49 am EST, Jan 31, 2007
For those unfamiliar, GNUCITIZEN is quite possibly the best site on the internet for web security research that is not affiliated with a vendor. pdp has covered topics such as backdooring QuickTime files, building XSS attack libraries, improving existing port scanners and history stealers, and even a JavaScript web crawler (which is currently receiving a massive improvement...). Much of his work ends up appearing in live attacks a few months after the info is released. Needless to say, I was really happy when pdp asked me to write a blog entry for his site. I wrote up a meaty overview of the different methods JavaScript can use to send HTTP requests, as well as the pros and cons of each.
GNUCITIZEN - JavaScript Remoting Dangers by Rattle at 1:57 pm EST, Jan 31, 2007
From Acidus: For those unfamiliar, GNUCITIZEN is quite possibly the best site on the internet for web security research that is not affiliated with a vendor. pdp has covered topics such as backdooring QuickTime files, building XSS attack libraries, improving existing port scanners and history stealers, and even a JavaScript web crawler (which is currently receiving a massive improvement...). Much of his work ends up appearing in live attacks a few months after the info is released. Needless to say, I was really happy when pdp asked me to write a blog entry for his site. I wrote up a meaty overview of the different methods JavaScript can use to send HTTP requests, as well as the pros and cons of each.
More image side channels by Acidus at 9:58 pm EST, Feb 14, 2008
Events can be set to trap when the image has finished loading and to read what the size of the image is. This creates a side channel for JavaScript to communicate with certain third-party hosts using the dimensions of the image. In practice, XBM images tend to work best because you can specify arbitrary lengths and widths up to a 15-bit integer without actually needing an image of that size.
I knew I had talked about this publicly before! This was from Jan 2007. Good to know I'm not going crazy :-)
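The image-dimension side channel described in the post above, as an added example that is not code from the original post or from GNUCITIZEN. It assumes a cooperating server that answers an image request with the XBM text produced by makeXbm(), and a page that loads that URL into an <img> and reads width/height in the onload handler. The function names (packValue, unpackValue, makeXbm, parseXbmDims, receiveViaImage) and the 30-bit packing scheme are this example's own choices. The point it shows is that an XBM header declares its dimensions in two #define lines, so a response of under a hundred bytes can claim any width and height up to the 15-bit limit without carrying a bitmap of that size.

```javascript
// Added example: encoding a value in an XBM image's declared dimensions and
// reading it back the way a browser exposes it (img.width / img.height).
// Names and the packing layout are assumptions for illustration.

const MAX_DIM = 0x7fff; // 15-bit ceiling mentioned in the post

// Split a value of up to 30 bits into two 15-bit dimensions.
// Both halves are kept non-zero-safe by the caller; a 0 dimension is not a valid image.
function packValue(value) {
  if (!Number.isInteger(value) || value < 0 || value > 0x3fffffff) {
    throw new RangeError("value must fit in 30 bits");
  }
  return { width: value & MAX_DIM, height: (value >>> 15) & MAX_DIM };
}

// Inverse of packValue: rebuild the 30-bit value from the two dimensions.
function unpackValue(width, height) {
  return (((height & MAX_DIM) << 15) | (width & MAX_DIM)) >>> 0;
}

// Build an XBM document whose header declares the chosen dimensions but whose
// bit array is deliberately a single byte: the header, not the data, sets the size.
function makeXbm(width, height, name = "c") {
  if (width < 1 || width > MAX_DIM || height < 1 || height > MAX_DIM) {
    throw new RangeError("dimension outside 1..32767");
  }
  return [
    `#define ${name}_width ${width}`,
    `#define ${name}_height ${height}`,
    `static unsigned char ${name}_bits[] = { 0x00 };`,
    "",
  ].join("\n");
}

// Parse the header the way a renderer does: the dimensions come from the
// #define lines, so this is what img.width / img.height would report.
function parseXbmDims(src) {
  const w = /#define\s+\w+_width\s+(\d+)/.exec(src);
  const h = /#define\s+\w+_height\s+(\d+)/.exec(src);
  if (!w || !h) throw new Error("not an XBM header");
  return { width: Number(w[1]), height: Number(h[1]) };
}

// Browser-side receiver: only meaningful in a browser (Image is a DOM global),
// so it is defined but not called when this file runs under Node.
function receiveViaImage(url, callback) {
  const img = new Image();
  img.onload = () => callback(unpackValue(img.width, img.height));
  img.onerror = () => callback(null);
  img.src = url; // cross-origin load is allowed; no same-origin check applies to <img>
}

// Offline round trip: "server" side encodes, "client" side decodes.
function roundTrip(value) {
  const dims = packValue(value);
  const response = makeXbm(dims.width, dims.height); // what the server would send
  const seen = parseXbmDims(response);               // what onload would observe
  return unpackValue(seen.width, seen.height);
}
```

A practical caveat for anyone reproducing this: the value must be chosen so that neither packed dimension is zero (makeXbm rejects that), and nothing in the header forces the browser to fetch a bitmap of the declared size, which is exactly why the channel is cheap for the server.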