Y
Hacker News
new
|
ask
|
show
|
jobs
by
pbreit
4466 days ago
Sounds more like a design decision. Do you have any suggestions besides not using iframes?
1 comments
homakov
4466 days ago
No, since there's no way to check iframe's domain I don't think it can be fixed
for iframes
.
They should stop asking for user's password right there, because it makes people trust
any iframe
link
fatbat
4465 days ago
Maybe they can force login via their main site first. Lousier user experience though.
link
moe
4465 days ago
Lousy user experience is not being able to verify what site I'm about to enter my payment credentials into.
link
pbreit
4465 days ago
It would be a terrific experience if there was no reason to worry.
link
They should stop asking for user's password right there, because it makes people trust any iframe