Authors
Gustav Rydstedt, Elie Bursztein, Dan Boneh, Collin Jackson
Publication date
2010/7/20
Journal
IEEE Oakland Web
Volume
2
Issue
6
Pages
24
Description
Web framing attacks such as clickjacking use iframes to hijack a user’s web session. The most common defense, called frame busting, prevents a site from functioning when loaded inside a frame. We study frame busting practices for the Alexa Top-500 sites and show that all can be circumvented in one way or another. Some circumventions are browser-specific while others work across browsers. We conclude with recommendations for proper frame busting.
Total citations
Scholar articles
G Rydstedt, E Bursztein, D Boneh, C Jackson - IEEE Oakland Web, 2010