Simon Willison’s Weblog

Items tagged twitter, javascript, framebusting, security in 2009

Filters: Year: 2009 × twitter × javascript × framebusting × security ×

Twitter Don’t Click Exploit. Someone ran a successful ClickJacking exploit against Twitter users, using a transparent iframe holding the Twitter homepage with a status message fed in by a query string parameter. Thiss will definitely help raise awareness of ClickJacking! Twitter has now added framebusting JavaScript to prevent the exploit. # 12th February 2009, 7:56 pm