Cookie Stuffers on

Discussion in 'Site and Forum Feedback' started by KonichiJ, Aug 29, 2009.

  1. KonichiJ macrumors newbie

    Aug 29, 2009
    Wanted to post this to make moderators/admin at aware of a potentially harmful practice occuring on your forum.

    There are over 4 posts on this forum that include an image link to snagpic.c-m with a 1x1 .gif, including here:

    and here,

    that may contain data that will plant a cookie within one of your visiting guest's, moderator's, or admin's webbrowser for website affiliate programs like or eBay partner network which will earn the offending poster or website if your visitor were to visit that said affiliate program's website to make a purchase. The cookie may override any cookie that your website fairly placed on that user's computer potentially stealing away any earnings that you should have earned.

    This exact same thing happened on my own forum this week. The offending posters had placed the .gif on my website, which after further inspection, did not contain harmful data...but could have at a later date should they decide to manipulate that data for the cookie stuffing method.

    Here are some links on your forum with the clear.gif posts

    Take care,
  2. GoCubsGo macrumors Nehalem


    Feb 19, 2005
    Interesting, there aren't really images on that page aside from the avatars.
  3. KonichiJ thread starter macrumors newbie

    Aug 29, 2009
    The images are so small (1x1 pixel), you can't view them without doing a "view source".
  4. GoCubsGo macrumors Nehalem


    Feb 19, 2005
    So you're saying these are harmful? Sure you know the source of them?
  5. KonichiJ thread starter macrumors newbie

    Aug 29, 2009
    "potentially" as it will be's job to figure that one out. I don't think a .gif or .jpeg could do any real harm to an unsuspecting user's computer but it could harm's bottom line stealing away earnings that could pay for server costs and other expenses for hosting a website.

    Wiki article on cookie stuffing:
  6. xUKHCx Administrator emeritus


    Jan 15, 2006
    The Kop
    Thanks for the feedback, the search results you linked to are from the google cache and were actually deleted from the forums on the 17th of August having only been up for a very short time.

    As you probably realise from your first post the url that the specific case comes from is blocked.
  7. KonichiJ thread starter macrumors newbie

    Aug 29, 2009
    ah, very good. I hadn't gone that far into detail.....

    I just noticed I mispelled macrumors on the thread title.... heh. Anyway, I'm kind of on a mission this morning to find some forums with these posts....looks like you've already taken care of everything here. Take care...
  8. angelwatt Moderator emeritus


    Aug 16, 2005
    Just a note that browsers have a setting to only allow cookies from the site you're visiting, and blocking ones from 3rd party sites, which I believe will keep the cookie stuffing from happening. Below is how to set your browser to not accept third party cookies.

    Firefox: Preferences > Privacy > uncheck Accepts third party cookies

    Safari: Preferences > Security > choose Accept cookies: Only from sites I visit

    Opera: Preferences > Advanced > Cookies (left panel) > choose Accept only cookies from sites I visit

Share This Page