If they don't have X-Frame-Options the attacker can also just use a 1x1 iframe o... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

chadscira on Jan 16, 2017 | parent | context | favorite | on: Stealing passwords from McDonald's users

If they don't have X-Frame-Options the attacker can also just use a 1x1 iframe on a popular website or shitty ad network to trigger that page to load

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact