dyne/dyne.github.io
GNU Affero General Public License v3.0
Prevent clickjacking client side #161
Open. puria opened 1 month ago
puria commented 1 month ago
[ ] Double check that there is no way to set CSP directives and/or X-Frame-Options settings via GitHub Pages settings
[ ] Not a very secure thing, but can implement frame-busting client side
thanks Kunal ;p
puria commented 1 month ago
Some random references:
https://cheatsheetseries.owasp.org/cheatsheets/Clickjacking_Defense_Cheat_Sheet.html
https://stackoverflow.com/questions/958997/frame-buster-buster-buster-code-needed
https://auth0.com/blog/preventing-clickjacking-attacks/
thanks Kunal ;p
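
A sketch of the client-side frame-busting mentioned in the checklist, following the hide-by-default pattern from the OWASP cheat sheet linked above. This is an added example, not code from this repository. The function name `guardAgainstFraming` and the element id `antiClickjack` are assumptions, and the page is assumed to ship `<style id="antiClickjack">body{display:none !important}</style>` in its `<head>`.

```javascript
// Added example (not the project's code). Assumes the page's <head> contains
//   <style id="antiClickjack">body{display:none !important}</style>
// so the content is hidden by default and only revealed by this script.
// A framing page that blocks or strips the script therefore gets a blank page.

function guardAgainstFraming(win, doc) {
  // Comparing self and top is allowed even when the parent is cross-origin.
  const framed = win.self !== win.top;

  if (!framed) {
    // Top-level browsing context: remove the hiding style and show the page.
    const style = doc.getElementById('antiClickjack');
    if (style && style.parentNode) {
      style.parentNode.removeChild(style);
    }
    return 'revealed';
  }

  try {
    // Framed: try to replace the framing page with this page.
    win.top.location = win.self.location.href;
    return 'busting';
  } catch (e) {
    // A sandboxed iframe without allow-top-navigation can block this
    // navigation. The hiding style is never removed, so there is nothing
    // visible for a victim to be tricked into clicking.
    return 'hidden';
  }
}

// Run automatically in a browser; skipped when loaded outside one.
if (typeof window !== 'undefined' && typeof document !== 'undefined') {
  guardAgainstFraming(window, document);
}
```

With this pattern the page also stays blank for visitors who have JavaScript disabled, which is the trade-off for failing closed without response headers.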