Users running a non-download version of Vanilla (pulled from github), on branch release/2019.016 or master from the last 2 weeks should upgrade to release/2019.017 or latest master for security reasons. Downloaded official open sources releases are not affected.

Don't use this theme.

This discussion is related to the Metro addon.

Apart from looking terrible, it also contains an iframe to http://www.geek.lk for no good reason. Doesn't seem to be insidious, but very well could be.

UnderDog

Comments

  • mcu_hqmcu_hq yippie ki-yay Arizona, USA ✭✭✭
    edited February 2013

    @UnderDog

    I don't see any reason why the author would embed a 0px iframe other than to make his own site more attractive for the search engine crawlers. Some people (myself included) will sometimes leave a harmless anchor at the bottom of the theme linking back to their site or whatever, but I think an iframe will actually load the site linked to and display it - regardless of its size! I would consider this insidious since most people are unaware of it due to its 0px height/width.

    The iframe is located at line 51 in default.master.php

    UnderDog
  • OK, I'll take care of it when I get back, can't reach those areas at the moment. Thanks for noticing @VikingCode!

  • 422422 Developer MVP

    I'd imagine its only a means for him to track usage, no different to Vanilla using transparent 1px images for tracking, but nonetheless a bit naughty on a theme

Sign In or Register to comment.