W3C home > Mailing lists > Public > public-web-security@w3.org > December 2009

Re: Seamless iframes + CSS3 selectors = bad idea

From: Maciej Stachowiak <mjs@apple.com>
Date: Sun, 06 Dec 2009 01:32:25 -0800
Cc: Adam Barth <w3c@adambarth.com>, Ian Hickson <ian@hixie.ch>, public-web-security@w3.org
Message-id: <3434FDEC-B6BA-49AC-802D-94351BE8CD95@apple.com>
To: sird@rckc.at

On Dec 6, 2009, at 1:22 AM, sird@rckc.at wrote:

> hi!
>
> I understood only members/invited.experts had a real vote in it..  
> anyway
>
> wrt autofocus it enables xss vectors without user interaction (Mario  
> Heiderich/Gareth Heyes).
>

Cn you give me an explanation of the exploit or a link to an  
explanation? I'm not familiar with the issue you are referring to.

Regards,
Maciej
Received on Sunday, 6 December 2009 09:32:59 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Sunday, 19 December 2010 00:16:01 GMT