there is no x-frame header on https://developer.pidgin.im/ which can cause a clickjacking (http://en.wikipedia.org/wiki/Clickjacking) attck with user account. -- Manish Bhattacharya http://manishbhattacharya.com