OK, I’m totally stumped. On my computer (Win7), disabling iframes in IE9 or Opera 10.53 doesn’t actually disable iframes. (I do not know how to disable iframes in Chrome or Safari.)
Firefox does honour the request, but only if I open a new window. (Wish they’d say so somewhere.) Restarting IE or Opera does not make any difference.
See this page that contains the test and explains what I’m trying to do.
Could you please disable iframes in your IE or Opera (instructions on the test page) and do the test? In theory the input field should read No because ... well ... your browser doesn’t support iframes. In practice it reads Yes because even with iframes disabled the browser executes the script in the iframe.
Does anyone know what’s going on? Is this a serious security bug in two browsers or am I overlooking something? (Currently I’m guessing the latter.)
I’m speaking at the following conferences:
Comments are closed.