Friday, February 11, 2011

Facebook open JavaScript hole

Facebook open JavaScript hole

This is going to be an issue going forward for a large number of users if Facebook doesn't do something different with how they handle applications. Using iframes creates an abstraction that users can't see. The linked Trend Micro blog has this right. Maybe there will be other protections, but at this point it doesn't look good.

Chris