logoalt Hacker News

I Stored a Website in a Favicon

90 pointsby theanonymousonetoday at 5:33 AM28 commentsview on HN

Comments

Tepixtoday at 6:30 AM

Instead of going via pixels, why not use a SVG favicon and directly store markup inside it and extract it?

Use this favicon.svg:

    <svg xmlns="http://www.w3.org/2000/svg">
    <circle cx="50%" cy="50%" r="50%" fill="orange"/>
    <p>hello HN!</p>
    </svg>
use this in your <head> to use a svg favicon:

    <link id="favicon" rel="icon" href="favicon.svg" type="image/svg+xml">
finally, use this in your <body> to extract it and add it to your document body:

    <script>
    fetch(favicon.href).then(r => r.text()).then(t => document.body.innerHTML += t.match(/<p[\s\S]*p>/)[0]);
    </script>
show 3 replies
Walftoday at 6:44 AM

PNG has comment chunks tEXt, zTXt, and iTXt. You can have a completely normal image whose file is stuffed with as much content as you want. That is less fun, I suppose.

show 1 reply
sheepttoday at 6:19 AM

You can use the favicon cache as storage too, by redirecting users across domains. It's been proposed as a potential fingerprinting risk[0], and if a browser naively reuses the cache for incognito mode, it could be used to track users across browser profiles.

[0]: https://www.schneier.com/blog/archives/2021/02/browser-track...

esquivaliencetoday at 7:22 AM

I found the agressively staccato, clearly LLM-generated content extremely difficult to read.

show 4 replies
franciscoptoday at 6:05 AM

Is this timing coincidence? I just submitted 1h (30 mins before this) ago a website I just made about storing your stock porfolio in a URL + favicon!

https://news.ycombinator.com/item?id=48606396

neon_metoday at 8:02 AM

Is it cake? Game for devs.

soanvigtoday at 7:31 AM

Honestly it didn't interest me, but I do remember from back in the days full websites rendered by a browser from... Empty files. https://mathiasbynens.be/notes/css-without-html

beardywtoday at 6:52 AM

I would have used a minimal service worker to unpack the web data and present it as if it were just a normal page being loaded.

superjosetoday at 5:53 AM

Pretty cool tbh!!! Would have loved seeing the decoder code!!!

It's also pretty interesting to think how an attacker could exploit images on his behalf. Never thought that would be a way!!!

Thanks!

show 1 reply
bozdemirtoday at 6:30 AM

Very cool. I wonder is it possible to make a simple game with also leveraging the webassembly?

show 1 reply
scoottoday at 7:28 AM

Would have been more fun if the blogpost was rendered from the favicon.

ab_wahab01today at 7:01 AM

Fascinating concept! Thanks for sharing this!

fitsumbelaytoday at 6:54 AM

very cool and interesting after reading just the title I wrongly assumed this would be about svg

jibaltoday at 7:00 AM

Surprised that a minimal "website" only requires a small image = few pixels = few bytes to store it? Um, ok.

pizzaballstoday at 8:03 AM

[dead]

anujshashimal98today at 5:36 AM

Great!

shaharamirtoday at 6:48 AM

Amazing!