WelcomeUser Guide
ToSPrivacyCanary
DonateBugsLicense

©2025 Poal.co

791

Source: https://archive.md/C88Al

Do not open external links that end with .webp

The attack vector can also be spread through a .webp file renamed as .jpg

If you are using FireFox (or a clone) you can disable webp support:

  • about:config >> image.http.accept, delete "image/webp"
  • about:config >> network.http.accept.default, delete "image/webp"
  • about:config >> set image.webp.enabled to FALSE

You can also use:

Update: webp uploading/linking/viewing are now disabled (and on pic8 as well).

Source: https://archive.md/C88Al ## Do not open external links that end with .webp The attack vector can also be spread through a .webp file renamed as .jpg If you are using FireFox (or a clone) you can disable webp support: * about:config >> image.http.accept, delete "image/webp" * about:config >> network.http.accept.default, delete "image/webp" * about:config >> set image.webp.enabled to FALSE You can also use: * https://addons.mozilla.org/en-US/firefox/addon/dont-accept-webp/ ## Update: webp uploading/linking/viewing are now disabled (and on pic8 as well).

(post is archived)

You are currently inside a comment thread.
Click here to see all the comments (39).
[–] 6 pts

also fixed an issue with grabbing the catbox url (one of the pic8.co hosts)

Hey picman, can you disable .webp uploads and add an auto-redirect rule (for the current webp links) to a text image saying that webp is disabled?

[–] [deleted] 4 pts

sure thing (disabling webp uploads and removing the webp images in the db)

Catbox has been disabled on pic8 permanently

[–] 4 pts

and removing the webp images in the db

Ok, so I can do the same on poal then (replace all webp links with that pic8 png image link). No need for a redirect on your side.