Actually, that 'follow' button it a great clickjacking target, unless
you already follow @britneyspears … which is cool. I'm not here to
judge.
:)
— Matt
On Mar 30, 2009, at 02:52 PM, Ryan wrote:
clickjacking does not really affect pages like http://twitter.com/britneyspears
.
whatever... I understand you got to protect yourself from misuse.
On Mar 30, 5:38 pm, Alex Payne <a...@twitter.com> wrote:
Not until the clickjacking problem is solved by the browser vendors.
End of story.
On Mon, Mar 30, 2009 at 14:31, Ryan <ryan10...@gmail.com> wrote:
I can see that twitter recently has inserted a (graceful) iframe
buster which clears out the html. Why is twitter in iframe such a
bad
thing when the content is public anyways - the rss feed of the
content
is available for consumption?
I know about the clickjacking attack, but that unnecessarily
penalizes
the good applications. Any thoughts on allowing twitter pages in
iframes through registered usage?
--
Alex Payne - API Lead, Twitter, Inc.http://twitter.com/al3x
