Simon Willison’s Weblog

Blogmarks tagged clickjacking, javascript, chrisshiflett, security, framebusting in Feb

Filters: Type: blogmark × Month: Feb × clickjacking × javascript × chrisshiflett × security × framebusting ×


Twitter Don’t Click Exploit. Someone ran a successful ClickJacking exploit against Twitter users, using a transparent iframe holding the Twitter homepage with a status message fed in by a query string parameter. Thiss will definitely help raise awareness of ClickJacking! Twitter has now added framebusting JavaScript to prevent the exploit. # 12th February 2009, 7:56 pm