April Fool's prank broke down Google's own security
According to Netcraft researchers, one such prank that had shown the words, results, images in backward direction has broken down Google's security.
It is always pleasing to see Google pranks on special days. On April fool's day a similar prank by Google has reportedly broken down the search engine giant's own security.
According to Netcraft researchers, one such prank that had shown the words, results, images in backward direction has broken down Google's security. "The prank compromised the site's own security by omitting a crucial header that makes it vulnerable to user interface redressing attack, such as click-jacking," said Netcraft.
Click-jacking lets users to change their user preferences and other similar actions. Researchers have said that the prank would have given an opportunity to the malicious minds to change user settings and even turn off SafeSearch filters.
Netcraft has also explained that the issue stemmed from the way com.google used an iframe to display backwards content from google.com. This would not normally be possible, as google.com uses the X-Frame-Options HTTP response header to prevent other websites from displaying itself within an iframe.
"But for the purpose of the April Fool's joke, Google stepped around this problem by passing the parameter "igu=2? to google.com, which not only told it to display the content backwards, but also instructed the server to omit the X-Frame-Options header entirely," Netcraft has further explained.
You may be pleased to know that Netcraft had reportedly taken up the issue with Google and the issue was later resolved.