Simon Willison’s Weblog

Items tagged clickjacking, twitter, javascript, security, framebusting, chrisshiflett

Filters: clickjacking × twitter × javascript × security × framebusting × chrisshiflett ×

Twitter Don’t Click Exploit. Someone ran a successful ClickJacking exploit against Twitter users, using a transparent iframe holding the Twitter homepage with a status message fed in by a query string parameter. Thiss will definitely help raise awareness of ClickJacking! Twitter has now added framebusting JavaScript to prevent the exploit. # 12th February 2009, 7:56 pm