W3C home > Mailing lists > Public > whatwg@whatwg.org > September 2008

[whatwg] Dealing with UI redress vulnerabilities inherent to the current web

From: Toby A Inkster <mail@tobyinkster.co.uk>
Date: Thu, 25 Sep 2008 20:33:45 +0100
Message-ID: <DEB0C0BA-CC52-4567-8913-C19136E02DF1@tobyinkster.co.uk>
Michal Zalewski wrote:

> 3) Add an on-by-default mechanism that prevents UI actions to be taken
>     when a document tries to obstruct portions of a non-same-origin  
> frame.

Something like focus-follows-mouse plus autoraise for IFRAMEs might  
work.

-- 
Toby A Inkster
<mailto:mail at tobyinkster.co.uk>
<http://tobyinkster.co.uk>
Received on Thursday, 25 September 2008 12:33:45 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:05 UTC