false clickjacking warning

Post a reply

In an effort to prevent automatic submissions, we require that you complete the following challenge.
:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :arrow: :| :mrgreen: :geek: :ugeek:

BBCode is ON
[img] is ON
[flash] is OFF
[url] is ON
Smilies are ON

Topic review

Expand view Topic review: false clickjacking warning

Re: false clickjacking warning

by GµårÐïåñ » Thu Apr 02, 2009 11:46 pm

nagan wrote:Pardon my ignorance.What is the report button ,id and how are they generated?

Just to add, the ClickJacking warning pops up only when it detects an even and on the interface there is a "Report" button which when pressed will send the information and give you a report id number. Since you are on windows the message UI you would see is different than the one therube posted but pretty much the same concept and straightforward as to what to do with it when you get it.

Here is a windows example (please disregard the color, I use a dark theme, but it shows the current UI and the buttons and everything):

generated on blogger clicking the toolbar to login

Re: false clickjacking warning

by therube » Thu Apr 02, 2009 12:55 pm

The current UI has a "report" button on the dialog when clickjacking is detected.


Re: false clickjacking warning

by nagan » Thu Apr 02, 2009 12:32 pm

Pardon my ignorance.What is the report button ,id and how are they generated?

Re: false clickjacking warning

by Guest » Thu Apr 02, 2009 12:24 pm

I already used a report but didn't noted the report ID

so I did it again

Report ID 30637


Re: false clickjacking warning

by Giorgio Maone » Thu Apr 02, 2009 12:15 pm

NoScript Version?
Could you use the "Report" button and tell me the assigned Report Id?

false clickjacking warning

by robinx » Thu Apr 02, 2009 12:02 pm

fist my system Kubuntu Jaunty, Firefox 3.1b3, Noscript
I have a strange problem on this site http://www.golem.de/0903/66039.html
When the embedded youtube video has the focus and I tune the volume (Volume UP / DOWN keystrocks) of my notebook I get a clickjack warning

They embedd videos with that code

Code: Select all

<table border="0" align="center" cellpadding="0" 
<script type="text/javascript" src="http://video.golem.de/jwplayer/swfobject.js"></script>
<div id="golyt_IU_reTt7Hj4">&nbsp;</div>
<script type="text/javascript">
var ytp = new SWFObject("http://www.youtube.com/v/IU_reTt7Hj4","golyt_IU_reTt7Hj4_video","480","295","7","#000000");
ytp.addParam("wmode", "transparent");
class="xsmall" align="center"><div style="padding:6px;">
Video: What's in the Box - Test Film 2009

The problems seems to be that line

Code: Select all

ytp.addParam("wmode", "transparent");

When I make a local copy of this site and delete that line I don't get a click jack warning.

also when starting firefox from the command line it prints

Code: Select all

[NoScript] [NoScript ClearClick] Swallowed event keyup on EMBED/-1 at http://www.golem.de/0903/66039.html