Demaestro - 4:08 pm on Jan 26, 2011 (gmt 0)
When a user visits your site you can use HTTP response codes to determine if they are logged into a host of websites.
Suggestions to use this data in a "white hat" manner is if they are logged into Gmail and you have an email field in a form you can pre-populate it with @Gmail.com
A very interesting idea.
I generated the URL in the "src" attribute by logging into my own GMail account, then going into the general settings and uploading a picture in the "My Picture" section. I then ticked the "Visible to everyone" checkbox, and right clicked the uploaded image to get the image location. Fetching the content at that URL does two different things depending on whether or not you're logged into GMail. If you are logged into GMail, it returns an image. If you're not logged into GMail, it redirects to a HTML page. This is why the img tag in my example above works. "onload" is triggered if an image is returned, but "onerror" is triggered otherwise.
I tested this technique in Firefox, Safari, Chrome, Opera and various versions of Internet Explorer and it worked in them all. I reported it to Google and they described it as "expected behaviour" and ignored it.