Simon Willison’s Weblog

Blogmarks tagged clickjacking, noscript, security, javascript

Filters: Type: blogmark × clickjacking × noscript × security × javascript ×


Dealing with UI redress vulnerabilities inherent to the current web (via) The best explanation of clickjacking I’ve seen yet, complete with discussion of a number of non-ideal potential solutions. It looks like frame busting JavaScript will defeat it, but only for users who have JavaScript enabled—which means that in this case extensions like NoScript actually make you less safe. UPDATE: NoScript is smarter than I thought; see the comments. # 7th October 2008, 9:59 am

Types

Years

Tags