As you may know that, email clients and webmails usually disable auto-loading of external images (and others) to prevent spammer getting confirmation of the reading activity.
There are usually an external image with a unique URL to a image that spammers will know which emails are read, which addresses are active, when the image being loaded.
DNS-Prefetch won't load any URL, and it won't submit any request to the web server. However, it will submit request to DNS server.
If spammer improve the method, by adding a link to a URL with a sub-domain which is unique? (possible for wildcard DNS)
Then a request (confirmation) might send to the spammer when you opening the email, without your permission.
Lucky, it seem that the DNS-prefetching is disabled by default in HTTPS.
Ref: http://codemonkeyism.com/google/
沒有留言:
發佈留言