benjamingr/favicon-bug benjamingr/favicon-bug

  • Stars
    star
    240
  • Rank 168,229 (Top 4 %)
  • Language
    JavaScript
  • Created over 9 years ago
  • Updated over 9 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
benjamingr/favicon-bug
github

benjamingr

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Demonstrates Chrome/Firefox/Safari download 1GB favicons

Favicon Download Bug

This repository demonstrates that browsers will download huge favicon and touch-icon files to the point that they crash and/or bring the computer to a halt - all in the background with no indication to the user that any form of download or networking is happening.

(no spinner)

I originally tested this with Chrome. People have pointed Firefox and Safari do this too, IE does not appear to be affected.

Chrome bug 500639 Firefox bug 1174811 (fixed)

This is what it looks like before crashing on my computer (currently testing on travel laptop with 4gb ram):

Inspired by a tweet by a_de_pasquale.

Running it

  1. Install io.js (NodeJS works too)
  2. Run: node exploit.js
  3. Test your browser by visiting http://localhost:3000 (or if you have process.env.PORT set then that port)

Running it for Apple Touch Icon

  1. Install io.js (NodeJS works too)
  2. Run: node exploit-ios.js
  3. Test on iOS by visiting http://ip-of-computer:3000 and tapping on the share icon (or if you have process.env.PORT set then that port)

More Repositories

1

tmp-promise

A promises port of https://github.com/raszi/node-tmp
JavaScript
124
star
2

PizzaHack

116
star
3

js-restructure

JavaScript matching REs into objects
JavaScript
74
star
4

bluebird-api

Bluebird compatible API on top of native promises.
JavaScript
37
star
5

JS-Monthly-Challenge-Nov-14

Monthly Challenge of the JS room, November 2014.
JavaScript
12
star
6

so-operator-question

Stack Overflow operator question sample code
JavaScript
8
star
7

cancellation-use-cases

Like https://github.com/nodejs/promise-use-cases but for cancellation ^^
8
star
8

Auto-Translate

Translating multiple languages in JS/HTML through JSON seamlessly
JavaScript
7
star
9

interface-js

JavaScript Interfaces with Harmony proxies
JavaScript
4
star
10

v8-natives-api

JavaScript
4
star
11

delta-differ

HTML
3
star
12

agpl-example

2
star
13

benjamins-demo-repo

Some Demo Repo thing
2
star
14

merge-conflict

HTML
2
star
15

blaze-lib

Automatically exported from code.google.com/p/blaze-lib
C++
2
star
16

mentor-student-project

Coordination of the TechCareer mentor student project
JavaScript
2
star
17

SoQuestionHeaders

JavaScript
2
star
18

ctestrunner

C Test Runner
JavaScript
1
star
19

SourceUndeadv2

Updating SourceUndead for modern code and practices.
1
star
20

cancellation-propagation-example

Please don't use this ^^ I have no idea if this idea is good.
JavaScript
1
star
21

js-exercise-weather

Just me having fun with an exercise provided by https://webacademy.co.il/
JavaScript
1
star