Cheer up everyone, we've got somebody dedicated to writing fullscreen
exploits now :) http://feross.org/html5-fullscreen-api-attack/
Summary: Change blindness may make phishing attacks feasible (displaying a
mock browser/page in fullscreen)
Cause: Switch to fullscreen before user consent.
Fix:
On Tue, 09 Oct 2012 08:43:13 +0200, Florian Bösch pya...@gmail.com wrote:
Cheer up everyone, we've got somebody dedicated to writing fullscreen
exploits now :) http://feross.org/html5-fullscreen-api-attack/
Summary: Change blindness may make phishing attacks feasible (displaying
a mock
On Tue, Oct 9, 2012 at 11:41 AM, Charles McCathie Nevile
cha...@yandex-team.ru wrote:
On Tue, 09 Oct 2012 08:43:13 +0200, Florian Bösch pya...@gmail.com
wrote:
Cheer up everyone, we've got somebody dedicated to writing fullscreen
exploits now :)
On Tue, Oct 9, 2012 at 1:45 PM, Anne van Kesteren ann...@annevk.nl wrote:
On Tue, Oct 9, 2012 at 12:51 PM, Florian Bösch pya...@gmail.com wrote:
TL;DR I don't think you lose anything of value if you move the
confirmation
to before the fullscreen change and you might just inadvertedly