Hacker News
by Zuiii 1006 days ago
One can avoid the most egregious security concerns (RCE) if software vendors use slightly slower libraries to render their images. Avoid libraries written in C. It'll almost eliminate all RCE and your users will be safer because of it.
1 comment

Can't see that happening any time soon, browsers/users love render speed.

If one is concerned about this as an end user, I've seen some extensions that block webp and try to request a png/jpg/etc. version from the host.

I can't attest to how effective it is as I didn't use it long. But it worked with some of the big image hosting sites like imgur.

For me, this was just so I was able to download images in a usable format. Most OSs can't treat webp like normal images, like generating thumbnails or opening a preview app.

That was a few years ago though, so maybe things have changed.