And it only took *checks calendar* three years iFrame clickjacking countermeasures appear in Chrome source code.Google reCAPTCHA service under the microscope: Questions raised over privacy promises, cookie use.Be careful what you inline: Defunct video-hosting domain used to inject smut flicks into news articles, more.Since then, applications like social dev environment Codepen and Microsoft's Azure Cosmos DB have encountered problems because they present users with alerts, notifications, and confirmation windows via cross-origin iframes. The deprecation of window.alert, window.prompt, and nfirm from cross-origin iframes took effect with the release of Chrome. And eventually, Google plans to remove these prompt mechanisms completely (from same-origin contexts as well as cross-origin ones), again to prevent potential abuse. By doing so, Google has broken more than a few web apps.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |