Skip to content
Better HN
Top
Best
Ask
Show
New
Jobs
Search
⌘K
0 points
jffry
12y ago
0 comments
Save
Share
Just threw together a test case. X-Frame-Options does seem to mitigate the view-source attack:
http://jsfiddle.net/GEynT/2/embedded/result/
0 comments
1 comments · 1 top-level
top
newest
oldest
joshfraser
12y ago
To be clear, the hack is still possible without view-source. It just makes it easier and more generic of a solution.
j
/
k
navigate · click thread line to collapse
