[wp-trac] [WordPress Trac] #12293: Frame Busting in the Admin
WordPress Trac
wp-trac at lists.automattic.com
Fri Feb 19 21:03:49 UTC 2010
#12293: Frame Busting in the Admin
--------------------------+-------------------------------------------------
Reporter: ryan | Owner: ryan
Type: defect (bug) | Status: new
Priority: normal | Milestone: 3.0
Component: Security | Version:
Severity: normal | Keywords:
--------------------------+-------------------------------------------------
We discussed this before when Twitter was suffering from the iframe
clickjacking attacks. Such attacks are much harder to do on individual WP
sites than on big sites like Twitter and wp.com. They are still possible
though, so we should consider integrating frame busting. The problem is
that frame busting does break some plugins. Plugins would need API to turn
of frame busting for their pages and would have to update to use that API.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/12293>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list