Leros
Lifer
I'm working on a system to help moderate user provided content. This user provided content contains images which are <img> tags loading images from any random URL the user provides. There will be moderators specifically searching for shady content, so I'm concerned that they'll be loading lots of potentially shady images.
Are there any concerns here? These images are not being loaded via JS so I don't have worry about those kind of exploits. I guess that leaves rendering exploits. Is that a thing to worry about these days?
I was considering building a little image proxy like there is in GMail. Have the server fetch the remote image, transcode it, and then serve the transcoded image to the user. Seems pretty easy to write.
Are there any concerns here? These images are not being loaded via JS so I don't have worry about those kind of exploits. I guess that leaves rendering exploits. Is that a thing to worry about these days?
I was considering building a little image proxy like there is in GMail. Have the server fetch the remote image, transcode it, and then serve the transcoded image to the user. Seems pretty easy to write.
