http://simonwillison.net/2009-12-23T10:20:43+00:00Simon Willison2009-12-23T10:20:43+00:002009-12-23T10:20:43+00:00https://simonwillison.net/2009/Dec/23/clickjacking/#atom-tag

<p><strong><a href="http://theharmonyguy.com/2009/10/14/the-dangers-of-clickjacking-with-facebook/">The Dangers of Clickjacking with Facebook</a></strong></p> theharmonyguy compiled a list of actions that can be triggered on Facebook by a single click, and hence are vulnerable to clickjacking attacks. The list includes authorising malicious applications, posting links to profiles, sending friend requests and sending messages to other users. Why don’t Facebook include frame busting JavaScript on every page? <p>Tags: <a href="https://simonwillison.net/tags/clickjacking">clickjacking</a>, <a href="https://simonwillison.net/tags/facebook">facebook</a>, <a href="https://simonwillison.net/tags/framebusting">framebusting</a>, <a href="https://simonwillison.net/tags/phishing">phishing</a>, <a href="https://simonwillison.net/tags/security">security</a>, <a href="https://simonwillison.net/tags/theharmonyguy">theharmonyguy</a></p>