Bugtraq mailing list archives
Re: [Full-disclosure] silly PoCs continue: X-Frame-Options give you less than expected
From: Michal Zalewski <lcamtuf () coredump cx>
Date: Sat, 10 Dec 2011 18:05:12 -0800
Interesting stuff indeed. However, I don't see you talk about a solution. Why is that?
Because it's bugtraq / full-disclosure, where people generally talk about vulnerabilities... I'm not sure I follow your drift about Firefox, I don't believe it's mentioned anywhere.
Anyhow, correct me if I'm wrong, but this concept won't work when the attacked site requires multiple user interaction, right? As in, the user will notice something amiss the second time.
Why? /mz
Current thread:
- Re: [Full-disclosure] silly PoCs continue: X-Frame-Options give you less than expected Michal Zalewski (Dec 12)