- From: Michal Zalewski <lcamtuf@coredump.cx>
- Date: Fri, 21 Jan 2011 01:35:15 -0800
- To: gaz Heyes <gazheyes@gmail.com>
- Cc: Giorgio Maone <g.maone@informaction.com>, Daniel Veditz <dveditz@mozilla.com>, Brandon Sterne <bsterne@mozilla.com>, public-web-security@w3.org, Lucas Adamski <ladamski@mozilla.com>
> <http://www.businessinfo.co.uk/labs/test_files/iframe-indicator.png> > > So when some content is intended to be included a web site the > X-Frame-Options:Allow, then the iframe indicator shows and prevents the > iframe from being resized to very small dimensions and it should always > appear on top of any content and within the screen area. What if there are several overlapping frames that meet this criteria all at the same time? There is only one "top" :-) Also, what if a frame is moved underneath the cursor just milliseconds before the user clicks something - in which case, the tooltip appears too late to allow for any meaningful reaction? What if the document is larger than window size? Can the frame be rendered partly off-screen, so that only several pixes are still left on the screen? I can also imagine this colliding in nasty ways with things such as drop-down lists or menus - you don't want "like" buttons to be drawn on top of them :-( /mz
Received on Friday, 21 January 2011 09:36:08 UTC