[SLING-5393] Add default X-Frame-Options header to defende against Clickjacking - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: Engine 2.4.6
Component/s: Engine
Labels:
None

Description

According to https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_Sheet X-Frame-Options Response Headers is a good way to defend against Clickjacking since is well supported by major browsers

Attachments

Activity

People

Assignee:: Antonio Sanso

Reporter:: Antonio Sanso

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 21/Dec/15 09:01

Updated:: 08/Jan/16 08:14

Resolved:: 23/Dec/15 19:22