Data URI scheme

The data URI scheme is a uniform resource identifier (URI) scheme that provides a way to include data in-line in web pages as if they were external resources. It is a form of file literal or here document. This technique allows normally separate elements such as images and style sheets to be fetched in a single request, which may be more efficient than multiple HTTP requests. Data URIs are sometimes referred to incorrectly as "data URLs". As of 2015^[update], data URIs are fully supported by most major browsers, and partially supported in Internet Explorer and Microsoft Edge.

The syntax of data URIs was defined in Request for Comments (RFC) 2397, published in August 1998, and follows the URI scheme syntax. A data URI consists of:

An HTML fragment embedding a picture of a small red dot:

A Cascading Style Sheets (CSS) rule that includes a background image:

A JavaScript statement that opens an embedded subwindow, as for a footnote link:

The data URI can be utilized by criminals to construct attack pages that attempt to obtain usernames and passwords from unsuspecting web users. It can also be used to get around site cross-scripting restrictions, embedding the attack payload fully inside the address bar, and hosted via URL shortening services rather than needing a full website that is owned by the criminal.

...
Wikipedia