This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Support
Support
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Implement frame busting protection

vodzl
New member
‎12-13-2022 11:42 PM
Status: New idea

Hello,
I am kind surprised that Firefox still doesn't not have it.
Chrome used to have this feature as a flag sometime ago and they have enabled by default years ago.
It was named "Frame busting requires same-origin".
It protects from:

1 doorways and similar stuff that are embedded, framed into another site. Example, I have recently visited a site that has a blogspot page embedded and that page had a doorway to adult content so when i visited a site that embedded broke top frame and redirected to an adult content site, was i happy to see it - nope. 

2 Expired domains and bad configured sites. I have noticed that some expired domain landing pages are frame breakers and i when a site has third party content from expired domain then it also breaks a top frame.
I have not found any about:config option that fix this issue.

I can provide more examples if needed but lets start with this one:
http://ndossougbe.github.io/web-sandbox/interventions/3p-redirect  
Test it with Chrome and Firefox.

See more ideas labeled with:
Comment
1 Comment
Status changed to: New idea
Jon
Community Manager
Community Manager
‎12-14-2022 06:56 AM
‎12-14-2022 06:56 AM

Thanks for submitting an idea to the Mozilla Connect community! Your idea is now open to votes (aka kudos) and comments.

Copyright © 2024 Khoros, LLC