Hacker News new | ask | show | jobs
by elithrar 4129 days ago
I think you might be confusing "click to play" in a Flash video/app vs. the browser-enforced "click to play", which in Chrome/Firefox prevents the plugin from running in that tab to begin with.
1 comments
anon1385 4129 days ago
He is referring to the fact that in Chrome click to play has no security effect at all - pages can click jack you to activate it.

To quote a Chrome developer: "Click to play is not actually a security boundary. In particular, it has always been subject to click-jacking."

https://code.google.com/p/chromium/issues/detail?id=174963

link