DISADVANTAGES PRESENTED BY HTML INLINE FRAMES IN INTEGRATION OF 3rd PARTY CONTENT
AbstractAs new virtual structures emerge, new applications, new widgets, new services become available to embed in websites. One of the preferred solutions for embedding 3rd party content is the HTML Inline Frame or iFrame. In this context, the introduction establishes the importance of the matter: major market players like Facebook, Google and Microsoft decided to include this tag in their solutions, but is it safe? Also, what other problems might webmasters face by implementing it? The results of the research, problems and security threats, are classified in five categories: cross-domain communication, reflection attacks with XSS (cross-site scripting), CSS Overlay, URL Redirection and Host Content Dependence. For each group, examples and code samples are provided, where applicable.
Download InfoIf you experience problems downloading a file, check if you have the proper application to view it first. In case of further problems read the IDEAS help page. Note that these files are not on the IDEAS site. Please be patient as the files may be large.
Bibliographic InfoArticle provided by Romanian-American University in its journal Journal of Information Systems and Operations Management.
Volume (Year): 5 (2011)
Issue (Month): 2 (December)
iFrame; security; cross-site scripting(XSS); cross domain; malware;
You can help add them by filling out this form.
reading list or among the top items on IDEAS.Access and download statisticsgeneral information about how to correct material in RePEc.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: (Alex Tabusca).
If references are entirely missing, you can add them using this form.