- From: Adam Barth <whatwg@adambarth.com>
- Date: Mon, 6 Apr 2009 00:32:10 -0500
On Sun, Apr 5, 2009 at 1:09 AM, Giorgio Maone <g.maone at informaction.com> wrote: > It would make clickjacking attacks more precise, by exactly positioning the > frame content where the attacker wants it to be. > Not that you cannot already be pixel-precise by using absolute positioning > inside an overflow: hidden div... > Let's say it would make them even more script-kiddies friendly. Hum... That doesn't sound that bad. If you're relying on the obscurity of pixel offsets for a clickjacking defense, then you've got bigger problems than scrollIntoView. Adam
Received on Sunday, 5 April 2009 22:32:10 UTC