From gbhackers.com
![](https://cert.bournemouth.ac.uk/wp-content/uploads/2024/04/image-10-1024x576.png)
The Web Platform is incredibly powerful, but regrettably, malicious websites will do all in their capacity to misuse it.
To prevent such exploitation, blocking actions that weren’t accompanied by a “User Gesture” is one of the weakest (but easiest to implement) defenses.
Gestures are a weak primitive because, although it is easy to determine whether a user has clicked or pressed a key, they do not suit the design objective of clearly conveying a user request well.
A more certain method of deceiving users is gesture-jacking, which eliminates the need for accurate window position, precise click timing, and the random nature of the user’s display settings.