Frame Busting in the Admin
|Reported by:||ryan||Owned by:||ryan|
Description (last modified by ryan)
We discussed this before when Twitter was suffering from the iframe clickjacking attacks. Such attacks are harder and less tempting to do on individual WP sites than on big sites like Twitter and wp.com. They are still possible though, so we should consider integrating frame busting. The problem is that frame busting does break some plugins. Plugins would need API to turn of frame busting for their pages and would have to update to use that API.
Change History (19)
comment:13 @nacin — 5 years ago
- Keywords 3.2-early added; early removed
- Milestone changed from Awaiting Triage to Future Release