I just came back from the first day of OWASP AppSec Asia 2008 in Taipei. Besides two t-shirts, I got to be among the first privileged group to preview Robert Hansen’s presentation on Clickjacking. The show is scheduled for the second day, tomorrow, but I have to fly to Kuala Lumpur. How lucky am I!
Getting back to the issue, clickjacking basically borrows the user’s mouse click to click on another, unintended object such as a link or a button. For example, the website shows you a link, and you click on it thinking that you will be taken to the intended location. But hey, the browser sends a request to another location!
Thank you Robert for the preview. It was way cool!
For the HITB 2008 KL goers, Jeremiah Grossman will be presenting the keynote “The art of Click Jacking” on the first day. And I will see you there too.