11

If you create a button using PayPals selling tools you are then presented with auto-generated HTML after filling in the details of the particular product you want to sell. At the bottom of this generated code is this strange piece of HTML:

<img alt="" border="0"
src="https://www.paypalobjects.com/*****-***-******-*/en_GB/i/scr/pixel.gif"
width="1" height="1">

What is this used for? It seems to serve no purpose, in fact, if i delete it, the script still seems to run fine.

Gary Willoughby
  • 50,926
  • 41
  • 133
  • 199
  • `` tags can be used as a cross-domain alternative to XHR to fetch data, as well as "submitting" data, when the data is encoded in the URL. – Ates Goral Apr 05 '11 at 09:48

3 Answers3

5

I think Tom Gullen is right and the one-pixel image is there for tracking purposes. While trying to answer the same question I found the following article that is probably worth reading: http://en.wikipedia.org/wiki/Web_bug. Especially this part: "Originally, a web bug was a small (usually 1×1 pixel) transparent GIF or PNG image (or an image of the same color of the background) that was embedded in an HTML page [...] Whenever the user opens the page with a graphical browser or email reader, the image or other information is downloaded. This download requires the browser to request the image from the server storing it, allowing the server to take notice of the download."

Jeroen
  • 839
  • 13
  • 20
  • See also [answer](http://stackoverflow.com/a/12294238/52499) for [related question](http://stackoverflow.com/questions/12293319/paypal-pixel-gif-do-i-need-it). – x-yuri Dec 04 '15 at 15:42
1

It probably is sending data back to Paypal for tracking purposes. I would leave it in, it's highly unlikely to be malicious and might benefit you in the way of tracking stats etc.

It's also utilising an HTTPS connection so any data being sent to the Paypal server is secure.

Tom Gullen
  • 61,249
  • 84
  • 283
  • 456
  • 2
    Good point. The HTTPS is probably there in case the image is embedded in a page that is served with HTTPS - most browsers prompt if a HTTPS page includes non-HTTPS content. – Paul Stovell Apr 05 '11 at 09:49
0

I'd guess one of two reasons:

  1. In the olden days (2001) we used to use 1px images to make sure borders between objects appeared properly (e.g., in a table). They might do it in case the HTML is embedded on a very outdated web design.
  2. If it includes any kind of ID, they may be using it to gather statistics on how often your button is rendered (perhaps to gauge your click-through rate).
Paul Stovell
  • 32,377
  • 16
  • 80
  • 108