Skip to main content

Topic: forum's behavior related to linked images (Read 3066 times) previous topic - next topic

0 Members and 1 Guest are viewing this topic.
  • Robertina
  • [*][*][*][*][*]
  • Banned
forum's behavior related to linked images
Hovering the mouse over that text of preview images: "Reduced: nn% of original size [ nnn x nnn ] - Click to view full image" my browser's status bar does not show the URL I would call up by clicking that text to see the full sized image (for example in threads as Columns UI appearance this happens).

Does this behavior come from the forum's software or does it depend on how a member is setting the link into his post?

For security reasons I do not want to click e.g. URLs that have been shortened or URLs which take me somewhere (sorry for my English).
This is HA. Not the Jerry Springer Show.

  • Yirkha
  • [*][*][*][*][*]
  • FB2K Moderator
forum's behavior related to linked images
Reply #1
This is done by the forum software automatically when an image exceeds some dimensions - but on the client's side, using JavaScript. No link is shown, because when clicked, it only runs a script again, which opens the image in a new window. The opened page is the same image as shown below the header, only in full size, while in the post, it's resized down (by your browser) to not take much space. Because it's the same URL and same image, it loads immediately in the new window. So it can't be any worse what's already shown or take you to another unrelated site.
Full-quoting makes you scroll past the same junk over and over.

  • Robertina
  • [*][*][*][*][*]
  • Banned
forum's behavior related to linked images
Reply #2
But I assume that the complete (possibly malicious) code of the website which hosts the image only then is executed when I am visiting it or is this wrong?

Thank you for your reply.
This is HA. Not the Jerry Springer Show.

  • Yirkha
  • [*][*][*][*][*]
  • FB2K Moderator
forum's behavior related to linked images
Reply #3
The poster always writes just [‍img]http://www.example.com/image.jpg[/img], which is always presented like <img src="http://www.example.com/image.jpg" ... /> in the HTML when someone views the thread, a plain inline image. If you don't have JavaScript available/enabled, it stays like that, just an "unclickable" image shown in your browser.

If JS is available, a script is executed after the topic page loads, which looks at all images in posts and if their dimensions are greater than certain number of pixels, it resizes them (only by your browser, they have been already downloaded in their full resolution from the original URL) and adds that black bar with the abovementioned message. When you click it, it opens the original image, http://‍www.example.com/image.jpg, in a new window. It's still the image itself, there is no other possibly malicious link present and no other link could be derived from it. Hence if you click that bar, you'll get only what you already see, nothing else.

(I'd have it rather just enlarge the image in place instead of opening in a new window, but that's just a personal preference.)
  • Last Edit: 31 October, 2009, 09:10:14 PM by Yirkha
Full-quoting makes you scroll past the same junk over and over.

  • Robertina
  • [*][*][*][*][*]
  • Banned
forum's behavior related to linked images
Reply #4
Thank you for you explanation.

Quote
(I'd have it rather just enlarge the image in place instead of opening in a new window, but that's just a personal preference.)

I would also prefer this.
This is HA. Not the Jerry Springer Show.