Dougal Campbell's geek ramblings

WordPress, web development, and world domination.

Monthly Archives: November 2014

When GIF serve JavaScript!

By manipulating the GIF headers, one can create a bi-format file which is valid both as a GIF image and JavaScript code. This could allow one to upload an image, then reference it from an html script tag as a local resource, potentially bypassing certain security restrictions.

When GIF serve JavaScript!