[whatwg] Clickjacking and CSRF

Giorgio Maone g.maone at informaction.com
Fri Feb 20 07:00:09 PST 2009

Previous message: [whatwg] Clickjacking and CSRF
Next message: [whatwg] Clickjacking and CSRF
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Sigbjørn Vik wrote, On 20/02/2009 15.46:
> There is currently little protection against clickjacking, the 
> x-frame-options is the first attempt.
Nope, it's the second and weakest:
http://hackademix.net/2008/10/08/hello-clearclick-goodbye-clickjacking/
http://noscript.net/faq#clearclick
--
Giorgio Maone
http://hackademix.net

Previous message: [whatwg] Clickjacking and CSRF
Next message: [whatwg] Clickjacking and CSRF
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the whatwg mailing list