« High spam scores with SpamAssassin
Mediawiki anti-spam suggestion »

Block iframes

Update: Proof of concept

Since discovering the iframe on Yahoo Groups, I’ve been thinking about the possible ill uses of that technique.

Basically, those that have interactive services: You need to disable iframes from working.

Iframes can be used to drop parasites, as well as ads, into services that never intended to become a vehicle for such.

So Yahoo Groups, now’s the time to act!

And any software - forums, guestbooks, wikis, classified - anything out there that allows contributions by people whose character you don’t know, make sure iframes can’t be used!

This entry was posted on Tuesday, December 27th, 2005 at 6:48 am and is filed under Comment spam, Wiki spam, Guestbook issues, Forum spam, Parasites. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “Block iframes”

  1. alex Says:
    March 24th, 2007 at 4:52 pm

    so this could potentially be abused to circumvent cookie encryption/certificates it seems… no? if you did a document.getElementById type thing 2 iframes could play off each other. maybe?

Leave a Reply