DEV Community

Andres Haro
Andres Haro

Posted on

Hack your site

Do you know that you can hack your site by creating an iFrame?

As soon as you get into my repl code, I will invite you to check your site by inserting your URL into the next line "target.src= 'insert your URL'".

iFrames bring security risks, and usability issues:

Security Risks:
1.- You may get a submittable malicious web form, phishing your users' personal data.
2.- A malicious user can run a plug-in.
3.- A malicious user can change the source site URL.
4.- A malicious user can hijack your users' clicks.
5.- A malicious user can hijack your users' keystrokes.

Usability Issues:
1.- It tends to break the browsers' "Back" button.
2.- It confuses visually impaired visitors, using screen readers.
3.- It confuses users, suddenly opening the iframe content in a new browser window.
4.- Content within the iframe doesn't fit in and looks odd.
5.- Content within the iframe is missing since the source URL changed.
6.- Navigation of the site in the iframe stops working.
7.- Every in a page requires increased memory and other computing resources.

Please let me know if you have some questions or concerns and I would be more than happy to help you.

Discussion (0)