Images can be fully embedded inline directly in the HTML. Tor Browser displays them unconditionally, regardless of the permissions.default.image
setting, which if set to “2” indicates images should not be loaded.
An example is demonstrated by the privacy-respecting search service called “dogs”:
If you search for a specific object like “sweet peppers”, embedded images appear in the results. This feature could easily be abused by advertisers. I’m surprised that it’s currently relatively rare.
It’s perhaps impossible to prevent embedded images from being fetched because the HTML standard does not include the length of the base64 blob ahead of it. Thus no way for the browser to know which position in the file to continue fetching from.
Nonetheless, the browser does not know /why/ the user disables images. Some people do it because they are on measured rate connections and need to keep their consumption low, like myself, and we are fucked in this case. But some people disable images just to keep garbage off the screen. In that case, the browser can (and should) respect their choice whether the images are embedded or not.
There should really be two config booleans:
- fetch non-local images
- render images that have been obtained The first controls whether the browser makes requests for images over the WAN. The second would just control whether the images are displayed.