Inappropriate images in avif/webp format sidesteps Image analyzer.
But instead of avif/webp images, we can request to remote server jpg/png image format which is scanned via image analyzer.
Content modifier can rewrite clients' request headers.
Below is an example request headers received from client:
GET /photo-1653794719441-350f63d49de2?ixlib=rb-1.2.1&ixid=MnwxMjA3fDB8MHxwaG90by1vZi10aGUtZGF5fHx8fGVufDB8fHx8&dpr=1&auto=format%2Ccompress&fit=crop&w=1599&h=594 HTTP/1.1
Host: images.unsplash.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:101.0) Gecko/20100101 Firefox/101.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://unsplash.com/
Connection: keep-alive
Cookie: <cookie>
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Content modifier rewrites client headers and instead of avif/webp image, it requests remote server for jpg/png image.
Below is the example for request headers after it has been rewritten by content modifier.
GET /photo-1653794719441-350f63d49de2?ixlib=rb-1.2.1&ixid=MnwxMjA3fDB8MHxwaG90by1vZi10aGUtZGF5fHx8fGVufDB8fHx8&dpr=1&auto=format%2Ccompress&fit=crop&w=1599&h=594 HTTP/1.1
Accept: image/png;q=0.5,image/jpg;q=0.5,*/*
Accept-Language: en-US,en;q=0.5
Cookie: <cookie>
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Referer: https://unsplash.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:101.0) Gecko/20100101 Firefox/101.0
Accept-Encoding: gzip, deflate
Host: images.unsplash.com
Connection: keep-alive
Keep-Alive: timeout=6
For validating the policy you can visit https://unsplash.com/ which requests images in avif format.
- image.png (614.37 KiB) Viewed 992 times
- image.png (844.67 KiB) Viewed 991 times
- Slide1.JPG (83.12 KiB) Viewed 900 times