NomikOS - 6:33 pm on Nov 22, 2011 (gmt 0)
enigma1 the 3rd party content ALWAYS is framed. I can't control that. To be straight we are talking about code that it is called with a couple of js lines in the client page. This js lines dynamically creates an iframe to load their content. So the content that I want access always is inside of an iframe.
This can be controlled (by the 3rd party) with X-Frame-Options (HTTP headers) that assure that the code is in inside a page served by the owner. So it can't be modified in any way. That together [en.wikipedia.org...] that do not allow (some actions, not all) cross-site coding makes impossible "click over a button inside a dinamically loaded iframe containing 3rd party content"
That is what I am understanding now more and better.