CSE HTML Validator

Support Forum

Skip to content

Click jacking

For topics about current BETA or future releases, including feature requests.
Post a reply

Postby thacker abcdefg » Thu Feb 19, 2009 4:12 pm

Albert--

On a separate issue, I don't know if it is worthwhile or not to throw a warning message if the 'click jacking' response header or its meta tag for IE8 is not present within content.
thacker abcdefg
Rank I - Novice
Rank I - Novice
 
Posts: 16
Joined: Tue Jul 31, 2007 6:34 pm
Top

Postby MikeGale » Thu Feb 19, 2009 7:07 pm

Hi Thacker,

I haven't come to a conclusion on this yet.

Like you say elsewhere it's difficult.

In my view it's too complex.

Code: Select all
User can opt in to a "black list".
The black list is only the arbitrarily decided most popular sites.
That black list is (presumably) added to when it "flips out".
You have to revise sites if some pages fail and others don't.  (If you need to do that do you just mark the pages where you need NIE7M?...)
Cleaning up the web is long overdue and this will achieve some of that.  (Which I applaud.)
As I have found valid pages can trip this NIE7M thing.  (If there's a lot of that it undermines everything.  We should not pay for failures of the parser.  But it's not released yet!)


Smart developers have got to decide on a strategy. One that looks reasonabale to me is: Check every page / page set. If some need IE7 mark them as such, leave others alone.

If there is a check it should maybe be turned off by default, so that those who don't already know about this stuff aren't forced to confront it until they're ready!
User avatar
MikeGale
Rank VI - Professional
Rank VI - Professional
 
Posts: 612
Joined: Mon Dec 13, 2004 2:50 pm
Location: Tannhauser Gate
Top
Post a reply

Return to CSE BETA Talk

Who is online

Users browsing this forum: No registered users and 2 guests

Powered by phpBB

CSE HTML Validator Home | Online HTML Validator / Syntax Checker (new window)