What is Digg?142 Comments
- Makaveli604, on 11/10/2007, -2/+57Put goatse for IE6 users?
- richbradshaw, on 10/10/2007, -8/+37http://duggmirror.com
- cresswga, on 10/29/2007, -1/+29but it would allow you to goatse only the people using IE!
- negativefx, on 10/10/2007, -5/+32what i don't get is how this is any benefit to the coder. so the user sees a different picture based on which browser they use, big deal... how does the coder know without scraping web logs?
- inactive, on 10/10/2007, -3/+27Why do people bury mirrors anyway? (Unless of course they dont work)
- sincewednesday, on 10/14/2007, -14/+36Displaying a different image based on your browser isn't quite the same as detecting your browser.
- madwormer2, on 10/10/2007, -2/+23Well, from the server side, have the image actually linked to a server side script (that spits out a 1x1 transparent image). Script sets a session variable. Block out everyone not using your favourite browser.
Easy. Pointless. - jmerox, on 10/14/2007, -2/+22This is kind of interesting I guess, but I'd never use it in practice.
- morphir, on 10/10/2007, -4/+24yeh, it's either a retarded statement or sarcastic.
- inactive, on 10/10/2007, -4/+24seamonkey IS firefox
- kalleanka, on 10/30/2007, -0/+19That is not accurate.
You have not copied the parts like "x00" which would end up as a null byte.
Here is the correct image:
http://duggmirror.com/programming/img_tag_hack_to_ ... - ayeroxor, on 10/10/2007, -2/+20:D-/-<
:D-\-<
:D-/-<
:D-\-< - dieseltravis, on 10/10/2007, -0/+17doesn't this break W3C validation?
- tuxidomasx, on 10/10/2007, -5/+22omg, i wouldnt have believed it if i hadnt seen it with my own eyes
duggmirror actually mirrored a site!
this is like the first time in over 6 months. i do believe a celebration is warranted for this momentous occasion. - tian2992, on 10/10/2007, -2/+19IT is...
Of course, they share Gecko - PulpOutlaw, on 10/30/2007, -1/+16i think this might be a problem with lynx.
- starsky51, on 10/10/2007, -1/+15{[SA]HatfulOfHollow} i'm going to become rich and famous after i invent a device that allows you to stab people in the face over the internet
- arizonagroove, on 10/10/2007, -2/+16Yeah... 'cos writing your website to rely upon bugs in the current versions of various browsers isn't going to cause you pain later...
I really don't see the point of this hack. - secretmode, on 10/20/2007, -12/+25[img
/src="ie.gif"
/''src="firefox1_5.gif"
/''src="firefox2_0.gif"
/""src="gecko_others.gif"
"src="safari2.gif"
"src="safari3.gif"
""src="konqueror.gif"
src="w3m.gif"
src ="opera.gif"
src="others.gif"
src="lynx.gif"
/]
I guess thats just a proof of concept. - picsectionpleez, on 10/10/2007, -0/+13you win sir. And I don't even think goatses are funny.
- enkafan, on 10/10/2007, -5/+17At long last, the ability to display images for different browsers without javascript or CSS hacks has been achieved. Truly a banner day in the history of web development.
- Numbski, on 10/14/2007, -3/+14Yes it is.
Based on what layout gets picked, you can force-set your own equivalent of HTTP_UserAgent, and thus completely ignore Opera's and Firefox's ability to spoof the UserAgent. As someone else pointed out, if a site wants to block Firefox, now they can, regardless of what the UserAgent string says. :( - inactive, on 10/10/2007, -0/+10Bingo, I find it bloody hilarious that the "web standards" zealots spend so much time bending their sites to work purely with CSS yet are happy to break validation like this.
- haentz, on 10/10/2007, -8/+18Thats not quite browser detection. It just shows a different image for each browser. Neat though.
- MasteRR, on 10/14/2007, -1/+10Patch or extension to fix this in 3...2...1...
- Samji, on 10/14/2007, -3/+12Detecting a browser based on bugs in its parser seems stupid to me. They will probably get patched eventually. The only use I can see is that you alert users with browsers with the bug to upgrade when the bugs are patched.
- weevilgenius, on 10/30/2007, -2/+11I think that most people who are posting "how is this useful" comments haven't realized is that this is a proof of concept. Sure, displaying different images based on browser type isn't very useful, but what if you replaced "firefox2_0.gif" with something like "script.php?t=firefox2_0"? Then you can do something useful with the browser information, without needing javascript or UserAgent checks (which of course can be spoofed).
It is unclear to me from the article whether these parsing differences are specific to the img tag or not, but if not, then there are all sorts of other places this would be useful. - gommle, on 10/30/2007, -0/+9Only HTML is seen by the browser. The Perl code is used because you can't just copy/paste the code. I'm sure the same code would work in PHP, if you just changed the syntax to match PHP.
- Mookles, on 10/10/2007, -0/+8Notice how this is more of a 'hack' than anything else, and pretty damn awesome at that, taking every syntax difference among the different browsers to show a different image.
- ayeroxor, on 10/10/2007, -0/+7There's more than one? THE HORROR!
- picsectionpleez, on 10/10/2007, -3/+10duggmirror dance!
- smhill, on 10/30/2007, -0/+7Apparently people are completely missing the point.
It isn't intended to be used for anything. It is just some fun showing how exploit to how browsers render. It has no applicable purpose, nor is it meant to. Like making images with tables or things like that. No need to keep suggesting other ways to do it. It only illustrates that you missed the point. - RyeBrye, on 10/10/2007, -1/+7Yeah, request headers are a lot different from this though. This looks like it's just a big image tag that loads a specific image in based on what the browser actually has. This would get around user agent spoofing, but I don't know why anyone would care.
- rspeed, on 10/10/2007, -0/+6You're absolutely right. This is a horrible practice. It's an interesting proof of concept, though.
- spectre_25gt, on 10/10/2007, -1/+7You say that like it couldn't happen. Have you ever worked in desktop support?
- bradleyland, on 10/30/2007, -0/+6I'd imagine that you could output the result of that Perl code to a file, then send that to a browser and get the same result. Perl is simply being used to stream data to the browser as plain HTML. No special server-side wizardry is happening here. Not to mention, you can't exactly show someone the char x00 without resorting to some sort of programming language.
- jonnyq, on 10/10/2007, -1/+7looks like SOMEONE didn't RTFA
- accessviolation, on 10/10/2007, -1/+6They care because of the exact reason this works. Different browsers parse and render the same HTML/CSS differently. Sometimes it's a bitch to make a completely cross-browser page, and so you need to load a specific page for a specific browser. Of course as people have said, this is proof of concept only.
- picsectionpleez, on 10/10/2007, -0/+5what are you talking about? You can run Perl on Windows, in the sad event that you are forced to.
- fredclown, on 10/10/2007, -0/+5This is absolutely the wrong way to do web development. Exploiting browser bugs to detect browser versions is the reason we are on the mess that we are in now. The browser differences won't stop till people stop using hacks and start using standard practices to make web pages. If the browser is not meant to be used that way ... DONT!! Do it the way it is supposed to be done. It may take you a little more time, but in the end it's gonna save you more time. I learned this the hard way when IE7 came out and I had to go back and fix my pages because of the css hacks that I had used.
- picsectionpleez, on 10/10/2007, -0/+5aw man don't say that..... just think- they will too- those arrogant bastards are just barely smart enough to implement this.
- PleaseBeSerious, on 10/10/2007, -0/+5A server side script can spit out images. Even if you request "naughtygirl.jpg" that image could actually be a request to a server side script (perl, php, etc.). Therefore if I wanted to block firefox and your browser requested the firefox image, the script would write your session info to a database. I would then be able to ban you from further browsing on my site based on your session and/or ip address.
- TeagueSterling, on 10/14/2007, -0/+5You could create a test page based off this, wait for it to be crawled by Google, and see which URLs the Google-bot UA requests.
- thomashauk, on 10/30/2007, -0/+4Proper coding will almost certainly break for IE6...
- PlayWithFire, on 10/10/2007, -0/+4very cool concept
everyone needs to stop bashing and saying "it doesn't do anything"
it's still damn cool - PleaseBeSerious, on 10/14/2007, -0/+4It is kinda hard to check for bugs in Googlebot unless you happen to work at Google.
- SniperX, on 10/10/2007, -0/+4The fact that the browser does different functions makes no difference, firefox IS seamonkey as far as rendering out a webpage is concerned. That is what the above posters meant.
- kmarius, on 10/14/2007, -0/+4It could also be used to serve SVG files for browsers that support them. I think Opera 9.5 supports SVG-files in the img-tag
- SniperX, on 10/14/2007, -0/+3It can be used to serve up different images based on how well the browser supports them as well, such as transparent PNGs or not.
Not to mention, as stated above, you could have separate scripts serve up the image as if the script was the image (IE: img src='firefox20.php').
The technique is what is most amazing though, very well thought out. - andyakadum, on 10/10/2007, -4/+7Sarcastic?
-
Show 51 - 100 of 142 discussions
Check out the new & improved 
© Digg Inc. 2009
— Content created and posted by Digg users is 