Simon Willison’s Weblog

Blogmarks tagged framebusting, chrisshiflett, security

Filters: Type: blogmark × framebusting × chrisshiflett × security ×

Twitter Don’t Click Exploit. Someone ran a successful ClickJacking exploit against Twitter users, using a transparent iframe holding the Twitter homepage with a status message fed in by a query string parameter. Thiss will definitely help raise awareness of ClickJacking! Twitter has now added framebusting JavaScript to prevent the exploit. # 12th February 2009, 7:56 pm