<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Bil Corry wrote, On 18/02/2009 21.31:
<blockquote cite="mid:499C703E.9010408@corry.biz" type="cite">
<pre wrap="">Boris Zbarsky wrote on 2/18/2009 9:27 AM:
</pre>
<blockquote type="cite">
<pre wrap="">And really no different from:
<script>
if (window != window.top)
window.top.location.href = window.location.href;
</script>
in effect, right? This last already works in all browsers except IE,
which is presumably why IE felt the need to add another way to do it.
</pre>
</blockquote>
<pre wrap=""><!---->
Supposedly, a future release of IE8 will fix this (see Issue #4):
<a class="moz-txt-link-freetext" href="http://ha.ckers.org/blog/20081007/clickjacking-details/">http://ha.ckers.org/blog/20081007/clickjacking-details/</a>
</pre>
</blockquote>
I doubt we'll see a "fix" for <iframe security=restricted> ;)<br>
-- G<br>
</body>
</html>