Comment Re:Pre-fetching requires PERFECT security... (Score 1) 103
Google Instant Pages sounds like it will be rendering the entire page, including images and other external resources. I wouldn't be surprised if it also executed JavaScript, fetched embedded iframes, and anything else that the page would normally do if you clicked on that link. I wonder if it would even follow redirections?
What is to stop a malevolent webmaster from performing redirects to nasty trojan or malware-infected pages if it detects the page is being pre-rendered? If that page contains flash objects, java apps, or other attack vectors on it, I'd think you'd be just as at risk as if you actually visited the site directly.
I could be wrong, though. I haven't thoroughly researched Google Instant Pages, but from what little I've found it seems it will be performing a full page render in anticipation of you clicking on the link to the page.