Consider setting X-Frame-Options header

ualibraries / Guide-on-the-Side

The University of Arizona Libraries will no longer provide support for Guide on the Side. The code will remain openly available; however, UAL can no longer provide code fixes or upgrades.

https://ualibraries.github.io/Guide-on-the-Side/about.html

Other

66 stars 48 forks source link

Consider setting X-Frame-Options header #163

Closed caosborne89 closed 7 years ago

caosborne89 commented 7 years ago

In order to prevent Cross-Frame Scripting, maybe we should set the X-Frame-Options header to DENY on pages that are particularly vulnerable to that sort of attack (i.e. login).

caosborne89 commented 7 years ago

Fixes have been merged. Closing the ticket.