Web Security by Hanqing Wu, Liz Zhao

Chapter 5

Clickjacking

In 2008, security experts Robert Hansen and Jeremiah Grossman discovered an attack called clickjacking (click to hijack). This attack affected almost all desktop platforms, including IE, Safari, Firefox, Opera, and Adobe Flash. The two discoverers planned to demonstrate it at the OWASP security conference, but all manufacturers (including Adobe) demanded that the attack not be released before a solution to counter it was found.

5.1 What Is Clickjacking?

Clickjacking is a malicious technique that visually deceives the user into clicking on something different from what they perceive. An attacker overlays a transparent, invisible iframe on an authentic web page and then lures the user into operating on that page. The users are led ...
