- From: Sigbjørn Vik <sigbjorn@opera.com>
- Date: Fri, 20 Feb 2009 16:22:39 +0100
On Fri, 20 Feb 2009 16:00:09 +0100, Giorgio Maone <g.maone at informaction.com> wrote: > Sigbj?rn Vik wrote, On 20/02/2009 15.46: >> There is currently little protection against clickjacking, the >> x-frame-options is the first attempt. > Nope, it's the second and weakest: > http://hackademix.net/2008/10/08/hello-clearclick-goodbye-clickjacking/ > http://noscript.net/faq#clearclick I stand corrected. I was thinking too narrow-mindedly, from a browser vendor perspective. Frame busting is another existing alternative. -- Sigbj?rn Vik Quality Assurance Opera Software
Received on Friday, 20 February 2009 07:22:39 UTC