RE: X-FRame-Option

2015-10-30 Thread Walsh, Joseph
From: Mark Eggers [mailto:its_toas...@yahoo.com.INVALID] Sent: Thursday, October 29, 2015 7:38 PM To: Tomcat Users List Subject: Re: X-FRame-Option -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joseph, As per list conventions, I'm posting at the bottom. I'll copy over the relevant parts of your XM

Re: X-FRame-Option

2015-10-29 Thread Konstantin Kolinko
2015-10-29 22:35 GMT+03:00 Walsh, Joseph : > good afternoon all... > > I have been recently been "relocated" within our IT dept and now tasked with > supporting Apache Tomcat on windows... Our cyber dept scanner has identified > my app as vulnerable to clickjacking ... > > Anyone

RE: X-FRame-Option

2015-10-29 Thread Walsh, Joseph
...@gmail.com] Sent: Thursday, October 29, 2015 3:43 PM To: Tomcat Users List Subject: Re: X-FRame-Option 2015-10-29 22:35 GMT+03:00 Walsh, Joseph <jwa...@bnl.gov>: > good afternoon all... > > I have been recently been "relocated" within our IT dept and now > tasked w

Re: X-FRame-Option

2015-10-29 Thread Konstantin Kolinko
2015-10-29 23:03 GMT+03:00 Walsh, Joseph : > Konstantin good afternoon .. > > my servers are being scanned by a "security Center" by Tenable-- > complaining --server is not returning x-frame-option heading -- > I can confirm this with Mozilla firebug.. > > within the

Re: X-FRame-Option

2015-10-29 Thread Mark Eggers
ers.HttpHeaderSecurityFilter > > true > true > SAMEORIGIN > true > > Joe W Email jwa...@bnl.gov > > > -Original Message- From: Konstantin Kolinko > [mailto:knst.koli...@gmail.com] Sent: Thursday, October 29, 2015 > 3:43 PM To: Tomcat Users List S