- From: Rowan Nairn <rnairn@gmail.com>
- Date: Fri, 5 Feb 2010 15:12:30 -0800
On Fri, Feb 5, 2010 at 2:46 PM, Boris Zbarsky <bzbarsky at mit.edu> wrote: > On 2/5/10 5:40 PM, Rowan Nairn wrote: >> >> - don't introduce new security issues like susceptibility to phishing >> attacks > > .... > >> - The main URL bar should display the framed URL i.e. >> http://destination-site.com/ > > I'm having a really really really hard time reconciling these two, > especially in the cases when the <iframe main> is not actually visible (e.g. > is visibility:hidden). An alternative is to drop this requirement. It is not necessary to replace the main URL bar as long as the URL of the framed content is available *somewhere*. I wouldn't want to dictate much about the UI to vendors but maybe the requirement would be more like: - The UA must prominently display the URL of the framed page somewhere while making it clear to the user that the main URL is that of the overlay page. I agree that it's a very difficult UI problem. Understanding one URL is hard enough for many users. Rowan
Received on Friday, 5 February 2010 15:12:30 UTC