Board: Bitcoin Discussion
Re: I was wondering if CSRF attacks works through images...
by BCEmporium on 30/06/2011, 12:37:17 UTC
Here, this one will log you out of a regular gmail account. https://mail.google.com/mail/?logout&hl=en
I decided to remove it so everybody doesn't get mad at me.

Time to start to troll other forums with that as the sig image.  Grin

But in all seriousness, I'm surprised Google falls for this. I always imagined they were mostly on top of web design best practices and security.

Some functions are harmless, like logging you out. At worst, what would happen is that you'd have to log in again.
You can prevent that with a token, e.g. ?logout&hl=en&token=23nikhu, so his image wouldn't do anything without the token (which should be something random).
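
The token check described in the post above, as an added example that is not part of the original post or any site's real code: a logout handler that ignores requests lacking the session's random token. The session store, function names and status codes are assumptions, and the POST-only rule goes one step beyond what the post suggests.

```python
import hmac
import secrets

# Constructed in-memory session store: session id -> per-session CSRF token.
SESSIONS = {}

def login():
    """Create a session and a random, unguessable CSRF token bound to it."""
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = secrets.token_urlsafe(32)
    return sid, SESSIONS[sid]

def handle_logout(method, cookie_sid, params):
    """Return an HTTP-style status code for a logout request.

    cookie_sid is what the browser sends automatically (also on a
    cross-site image load); params holds the query or form fields.
    """
    expected = SESSIONS.get(cookie_sid)
    if expected is None:
        return 401                      # no such session
    if method != "POST":
        return 405                      # state changes never ride on GET
    supplied = params.get("token", "")
    # Constant-time comparison so the token cannot be guessed byte by byte.
    if not hmac.compare_digest(supplied.encode(), expected.encode()):
        return 403                      # missing or wrong token: ignore request
    del SESSIONS[cookie_sid]            # token matched: really log out
    return 200

def demo():
    sid, token = login()
    return {
        # What an embedded image produces: cookie attached, no token, GET.
        "image_get": handle_logout("GET", sid, {"hl": "en"}),
        # Cross-site form post that can only guess at the token.
        "forged_post": handle_logout("POST", sid, {"token": "23nikhu"}),
        "still_logged_in": sid in SESSIONS,
        # The site's own logout button, which carries the real token.
        "real_logout": handle_logout("POST", sid, {"token": token}),
        "logged_out": sid not in SESSIONS,
    }

if __name__ == "__main__":
    print(demo())
```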