You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Glenn (JIRA)" <ji...@apache.org> on 2014/07/03 12:28:24 UTC
[jira] [Created] (CLOUDSTACK-7061) Cloudstack web-application:
Missing X-Frame-Options header
Glenn created CLOUDSTACK-7061:
---------------------------------
Summary: Cloudstack web-application: Missing X-Frame-Options header
Key: CLOUDSTACK-7061
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-7061
Project: CloudStack
Issue Type: Bug
Security Level: Public (Anyone can view this level - this is the default.)
Affects Versions: 4.3.0
Reporter: Glenn
Priority: Critical
Provides Clickjacking protection. Values: deny - no rendering within a frame, sameorigin - no rendering if origin mismatch, allow-from: DOMAIN - allow rendering if framed by frame loaded from DOMAIN
Advice:
Please add the following header:
X-Frame-Options: sameorigin
Overall score: High
--
This message was sent by Atlassian JIRA
(v6.2#6252)