

Ask HN:  How does Facebook prevent websites from clicking the "like" button? - photon_off

It seems like websites could just invoke the JS to "force" the user to click the like button, write a comment, etc.  Anybody know how is this prevented?
======
gojomo
Looks like there's a bunch of arbitrary session/key info in the IFRAME that
the parent window can't predict/access.

