svenha
commented
6 months ago DENY is more secure than SAMEORIGIN. I opened a pull request: #106
Open svenha opened 6 months ago
svenha
commented
6 months ago DENY is more secure than SAMEORIGIN. I opened a pull request: #106
All Hop websites (without any special configuration) are vulnerable to click jacking (or UI redress attack). Can we please have a default http header? For example,
see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options