WelcomeUser Guide
ToSPrivacyCanary
DonateBugsLicense

©2025 Poal.co

137

Source: https://archive.md/C88Al

Do not open external links that end with .webp

The attack vector can also be spread through a .webp file renamed as .jpg

If you are using FireFox (or a clone) you can disable webp support:

  • about:config >> image.http.accept, delete "image/webp"
  • about:config >> network.http.accept.default, delete "image/webp"
  • about:config >> set image.webp.enabled to FALSE

You can also use:

Update: webp uploading/linking/viewing are now disabled (and on pic8 as well).

Source: https://archive.md/C88Al ## Do not open external links that end with .webp The attack vector can also be spread through a .webp file renamed as .jpg If you are using FireFox (or a clone) you can disable webp support: * about:config >> image.http.accept, delete "image/webp" * about:config >> network.http.accept.default, delete "image/webp" * about:config >> set image.webp.enabled to FALSE You can also use: * https://addons.mozilla.org/en-US/firefox/addon/dont-accept-webp/ ## Update: webp uploading/linking/viewing are now disabled (and on pic8 as well).

(post is archived)

You are currently inside a comment thread.
Click here to see all the comments (39).
[–] 2 pts

I haven't checked but it could be if crApple is using ImageIO in Webkit.

[–] 5 pts

-_____-

And of course there's no way to disable only webp support from webkit based browsers such as chromium or brave... https://superuser.com/questions/1451320/disable-webp-format-in-chrome

https://community.brave.com/t/option-to-disable-webp-image-format/44412/4

Jesus christ fuck

>This is probably a Chromium behaviour. So all Chromium based browsers will have the same effect. This would require upstream fix(on Chromium). It would be based on the render engine so whatever fix is required it has to come from upstream.

2019... "maybe they fixed it?"... Answer is likely "my ass".