16717 2012-04-12 21:58:00 +0000 Security issue with image exclusions 2012-04-25 22:21:53 +0000 1 1 1 Unclassified CSS Exclusions unspecified PC All RESOLVED DUPLICATE 16112 P2 normal --- 1 vhardy vhardy eoconnor ratan stearns public-css-bugzilla oldest_to_newest 66671 0 vhardy 2012-04-12 21:58:00 +0000 The use of images as exclusion areas, especially when combined with the shape-image-threshold property are a security concerns because through script, malicious code could analyze the content of a cross domain image. For example, if the attacker uses 1px x 1px inline elements around and inside an image exclusion and uses script to find the position of the element, information about the image will be leaked and will allow reconstruction of a grayscale version of the image. 67072 1 stearns 2012-04-25 22:21:53 +0000 Copying the above comment to 16112 *** This bug has been marked as a duplicate of bug 16112 ***