- From: Giorgio Maone <g.maone@informaction.com>
- Date: Sun, 05 Apr 2009 08:09:54 +0200
Peter Kasting wrote, On 05/04/2009 0.54: > On Sat, Apr 4, 2009 at 12:56 PM, timeless <timeless at gmail.com> wrote: > > >> sounds like a security nightmare. >> > > > Can you be less vague? We've had a number of security people vet this > already, so specific complaints would be very helpful. > > PK It would make clickjacking attacks more precise, by exactly positioning the frame content where the attacker wants it to be. Not that you cannot already be pixel-precise by using absolute positioning inside an overflow: hidden div... Let's say it would make them even more script-kiddies friendly. -- Giorgio Maone -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20090405/45a6faa9/attachment.htm>
Received on Saturday, 4 April 2009 23:09:54 UTC