Robin Linus (via Jeff Atwood): For most web platforms there’s a way to abuse the login mechanism to detect whether a user is logged in to that service. […] Well, the [Same Origin Policy] is strict for HTML pages, but it allows to receive images from other origins! So if the resource in the next … Continue reading favicon.ico Is a Privacy Leak