You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Larry McCay (JIRA)" <ji...@apache.org> on 2016/03/28 20:57:25 UTC
[jira] [Created] (KNOX-700) Add Clickjacking Protection to
WebAppSec Provider
Larry McCay created KNOX-700:
--------------------------------
Summary: Add Clickjacking Protection to WebAppSec Provider
Key: KNOX-700
URL: https://issues.apache.org/jira/browse/KNOX-700
Project: Apache Knox
Issue Type: Bug
Components: Server
Reporter: Larry McCay
Assignee: Larry McCay
Fix For: 0.9.0
By adding the X-Frame-Options=DENY header to responses, proxied and hosted applications can control whether they can be embedded within another application through Frame, IFrame or Object HTML elements.
Leveraging this to set them all to DENY adds protection against clickjacking for all proxied and hosted applications within the configured topology.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)