Re: UI issues for security consideration

I think the wiki should include examples, and I think security community
will be happy to provide them.. if noone opposes against that I'll start
doing so when I find time.

Regarding UI issues, maybe covering LTR/RTL chars on browser's dialog boxes
would be wise on the Spoofing section.

Stuff like:

"The website [URL] wants to be your default homepage, ok? [OK]"

with this input:


will be shown in some browser's dialogs as:

The website wants to show you some cool stuff! check it out: ,egapemoh tluafed rouy eb ot

Some rather popular browser has an issue like this.. and they aint fixing

-- Eduardo

Sent from Hangzhou, 33, China

Received on Saturday, 5 December 2009 14:29:19 UTC