- From: Anne van Kesteren <annevk@opera.com>
- Date: Tue, 02 Aug 2011 13:00:48 +0200
On Tue, 02 Aug 2011 12:48:06 +0200, Dennis Joachimsthaler <dennis at efjot.de> wrote: > I agree that just disallowing that the page gets shown is one solution > but I am mainly concerned about reading important information out of > an iframe site. > > Say, there's a site which uses an autologin facility to automatically > log their users in when the site is opened. > > Malicious guy #1 prepares a site that loads the same site in an iframe. You cannot get to that information cross-origin. -- Anne van Kesteren http://annevankesteren.nl/
Received on Tuesday, 2 August 2011 04:00:48 UTC