Presumably you can do this without filters just by positioning any html you like via position:absolute over the iframe to change it. The way to stop this is to make sure that you set [X-Frame-Options](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/X-Frame-Options) on pages that contain sensitive information you don't want 3rd party's to frame. I.e. It seems to me that there is already a general solution to this problem.
Bug 2004487 Comment 1 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
Presumably you can do this without filters just by positioning any html you like via position:absolute over the iframe to change it. The way to stop this is to make sure that you set [X-Frame-Options](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/X-Frame-Options) on pages that contain sensitive information you don't want 3rd partys to frame. I.e. It seems to me that there is already a general solution to this problem.
Presumably you can do this without filters just by positioning any html you like via position:absolute over the iframe to change it. The way to stop this is to make sure that you set [X-Frame-Options](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/X-Frame-Options) on pages that contain sensitive information you don't want 3rd parties to frame. I.e. It seems to me that there is already a general solution to this problem.