Hacker News new | past | comments | ask | show | jobs | submit login

So, what's stopping the wrong site from making those requests to your bank and proxying the image?



The bank sets a cookie on your machine and only displays the image if you have the cookie. You won't get the image on a machine you've never used to log in before.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: