by talos 4367 days ago
Interesting. I understand that popups might not be supported in certain environments, but it would seem the preferable flow in that case would be to forward to PayPal, authorize, then forward back. I just don't see any way to protect a lightbox from phishing, even if that's only on a subset of devices.

I guess I'm not up on the limitations of mobile browsers, but if they really make it so hard to expose the URL, it would seem to re-open a huge array of phishing attacks (and, once these are heavily exploited, mobile browsers will probably get better about exposing URLs.)

1 comments

The most interesting part to me is that this is a regression. PayPal integration used to work like you said, and like I said here [1], though now they seem to favor usability over security.

[1]: https://news.ycombinator.com/item?id=8011614