busting-frame-busting-a-study-of-clickjacking-vulnerabilities-on-popular-sites-slides
busting-frame-busting-a-study-of-clickjacking-vulnerabilities-on-popular-sites-slides
busting-frame-busting-a-study-of-clickjacking-vulnerabilities-on-popular-sites-slides
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Summary<br />
• All <str<strong>on</strong>g>frame</str<strong>on</strong>g><str<strong>on</strong>g>busting</str<strong>on</strong>g> code out there can<br />
be broken across browsers in several<br />
different ways<br />
• Defenses are <strong>on</strong> the way, but not yet<br />
widely adopted<br />
• Relying <strong>on</strong> referrer is difficult<br />
• If JS is disabled, d<strong>on</strong>’t render the page.<br />
• Framebust your mobile <strong>sites</strong>!