- From: Maury Markowitz <maury@sympatico.ca>
- Date: Tue, 2 Jan 2001 10:04:43 -0800
- To: <www-style@w3.org>
> Is there anything to prevent a hostile page[1] from displaying > an apparently authentic target site[2] in an <iframe> with overlaid > content belonging to the hostile site? Well if you attempt to use CSS positioning, keeping your sanity would work it seems. Of course there's nothing stopping people from doing this now, just use HTML inside an OBJECT tag. Or layer another IFRAME on top of the first, and turn off all the borders and such. There's no way to prevent this as-is, and thus I'd like to see it all removed. I lost an entire week of work to this once, and I was trying to provide the user with a _better_ experience. Maury
Received on Tuesday, 2 January 2001 09:53:44 UTC