W3C home > Mailing lists > Public > public-webappsec@w3.org > December 2012

RE: A11y for Web App Sec Anti clickjacking spec

From: Hill, Brad <bhill@paypal-inc.com>
Date: Wed, 5 Dec 2012 18:46:31 +0000
To: "tink@tink.co.uk" <tink@tink.co.uk>
CC: "public-webappsec@w3.org" <public-webappsec@w3.org>, "w3c-wai-pf@w3.org" <w3c-wai-pf@w3.org>
Message-ID: <370C9BEB4DD6154FA963E2F79ADC6F2E2FE377@DEN-EXDDA-S12.corp.ebay.com>
One question was raised on the PF call. What happens when someone has chosen a personalised colour scheme within their browser (or no other reason than asthetic choice)? Would this have the potential to trigger a false positive too?


[Hill, Brad] Since the browser is rendering both the user and control bitmaps, it should be able to apply the same transformation and personalization to both.  Our main concern is where operating system facilities are used that may apply transforms to the user bitmap that the browser can't replicate in the control image.
Received on Wednesday, 5 December 2012 18:47:03 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:30 UTC