Uploaded image for project: 'Sling'
  1. Sling
  2. SLING-5393

Add default X-Frame-Options header to defende against Clickjacking

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: Engine 2.4.6
    • Component/s: Engine
    • Labels:
      None

      Description

      According to https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_Sheet X-Frame-Options Response Headers is a good way to defend against Clickjacking since is well supported by major browsers

        Attachments

          Activity

            People

            • Assignee:
              asanso Antonio Sanso
              Reporter:
              asanso Antonio Sanso
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: