OctoDev Posted April 17, 2015 Posted April 17, 2015 Nice, hope to see a toggle to enable/disable remote url images, so members cant upload content via URL's... for me its a security concern
OctoDev Posted April 17, 2015 Author Posted April 17, 2015 Please open a separate topic explaining what you mean there. I know of no security concerns related to linking to a remote image.Using CloudFlare becomes pointless when this is enabled, they could put a IP Logger as url and it would basically log the servers IP. I strive my best to hide my servers IP from public, but nothing I can do when they can just bypass all my checks with this..
Management Charles Posted April 17, 2015 Management Posted April 17, 2015 When someone inserts an image via the "insert as URL" option all it does is insert a regular <img src=''> tag in the body of your post. There is no interaction with your server so nothing is revealed.
OctoDev Posted April 17, 2015 Author Posted April 17, 2015 When someone inserts an image via the "insert as URL" option all it does is insert a regular <img src=''> tag in the body of your post. There is no interaction with your server so nothing is revealed.
OctoDev Posted April 17, 2015 Author Posted April 17, 2015 Now, i could just put a iplogger there and it would revail the servers IP address.. in my case i do everything to hide it to prevent attacks, but what i do wont help if there is no toggle to disable this
Management Charles Posted April 17, 2015 Management Posted April 17, 2015 Oh I see you're referring to profile photos.
OctoDev Posted April 17, 2015 Author Posted April 17, 2015 Oh I see you're referring to profile photos. Yeah. On all old versions, there was a option to toggle this on/off. I hope it can come back, i can't imagine it being hard to add..
Recommended Posts
Archived
This topic is now archived and is closed to further replies.