Clickjacking & Cross-site Scripting Attacks
Clickjacking & cross-site scripting attacks are incredibly famous, and knowing about them is necessary to prevent them as a front-end developer!
Problem: your money gets stolen online… again!!
Imagine you receive an email to a link. You click on it and it opens up to something like this:
Obviously, you’re going to click it. Everyone wants a new guitar! But as soon as you do, all your money from your bank gets stolen! What happened there?
A clickjacking attack! An attacker directed you to their website that had an embedded iframe to your banking website. The opacity of the iframe was cleverly set to zero. When you clicked on the attractive link, you actually ...