Bug#898822: [RFC] Detect data embeded image in html like file

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#898822: [RFC] Detect data embeded image in html like file
From: Bastien ROUCARIES <roucaries.bastien@gmail.com>
Date: Wed, 16 May 2018 11:23:26 +0200
Message-id: <[🔎] CAE2SPAa5-AroTRZH1ak1ZhzrPyncm2PVUaNhkawTopEBg9+byw@mail.gmail.com>
Reply-to: Bastien ROUCARIES <roucaries.bastien@gmail.com>, 898822@bugs.debian.org

Package: lintian
Version: 2.5.86
Severity: minor


Hi,


This is maybe a hot topic, so ask for comment

A not so well know feature of html format is the DATA uri scheme that
allow to embded some stuff like image in html file (see
https://en.wikipedia.org/wiki/Data_URI_scheme).

I am sure that base64 encoded stuff like image are not considered as
prefered form of modification, and I believe that lintian should
detect in source file this kind of use, in order to help ftpmaster
work.


They are also security implication and I think it is good to detect
this kind of stuff.

It is easy to implement:
- first move to files.pm privacy-breach logic detection to common
library (this one I need help)
- detect the base64 encoding in privacy-breach logic
- warn pedantically in files.pm for base64 and error in cruft.pm

Any comments ?

Bastien

Reply to:

Follow-Ups:
- Bug#898822: [RFC] Detect data embeded image in html like file
  - From: Chris Lamb <lamby@debian.org>

Prev by Date: Bug#898431: please update version of file(1) on lindsay.debian.org to detect .wasm files
Next by Date: Bug#898822: [RFC] Detect data embeded image in html like file
Previous by thread: Bug#898809: lintian -F internal error: cannot run shared-libs check on package binary
Next by thread: Bug#898822: [RFC] Detect data embeded image in html like file
Index(es):
- Date
- Thread