Identity/Security/Tos-PP in an iframe

From MozillaWiki
Jump to: navigation, search

Opening Terms of Service and Privacy Policy links in an iframe inside the dialog

See the original discussion on https://groups.google.com/d/topic/mozilla.dev.identity/KWWFBhU0HMY/discussion

Risks

  • ToS or PP page frame-busting and replacing the dialog with a visually identical phishing page

Mitigations

Background