- From: Giorgio Maone <g.maone@informaction.com>
- Date: Wed, 18 Feb 2009 21:38:43 +0100
Bil Corry wrote, On 18/02/2009 21.31: > Boris Zbarsky wrote on 2/18/2009 9:27 AM: > >> And really no different from: >> >> <script> >> if (window != window.top) >> window.top.location.href = window.location.href; >> </script> >> >> in effect, right? This last already works in all browsers except IE, >> which is presumably why IE felt the need to add another way to do it. >> > > Supposedly, a future release of IE8 will fix this (see Issue #4): > > http://ha.ckers.org/blog/20081007/clickjacking-details/ > I doubt we'll see a "fix" for <iframe security=restricted> ;) -- G -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20090218/ce10f48c/attachment.htm>
Received on Wednesday, 18 February 2009 12:38:43 UTC