W3C home > Mailing lists > Public > public-css-archive@w3.org > December 2018

Re: [csswg-drafts] [css-nav-1] hostile iframes (#3390)

From: Florian Rivoal via GitHub <sysbot+gh@w3.org>
Date: Mon, 03 Dec 2018 07:57:59 +0000
To: public-css-archive@w3.org
Message-ID: <issue_comment.created-443620287-1543823878-sysbot+gh@w3.org>
---

Migrated from https://github.com/WICG/spatial-navigation/issues/58#issuecomment-412061890
Originally created by @annevk on *Fri, 10 Aug 2018 12:01:12 GMT*

---
Feature Policy makes sense for this (for enabling something that's by default disabled).

Is there an attack vector in the other direction? Whereby the embedder can direct the navigation such that it makes clickjacking easier?

-- 
GitHub Notification of comment by frivoal
Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/3390#issuecomment-443620287 using your GitHub account
Received on Monday, 3 December 2018 07:58:00 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 06:41:40 UTC