Thank you. I am deploying to tomcat. I tried the method suggested by owasp, of putting their class in my deploy and then putting the proper filter config in the web.xml, but it did not add the header when i inspected via chrome developer tools.
On Friday, October 31, 2014 4:12:32 PM UTC-4, Eric Eslinger wrote: > > This is the kind of thing that needs to be set on the server side, rather > than on the client side, as I understand it. So it depends a lot on how > you're serving up your angular partials and stuff. > > On Fri Oct 31 2014 at 1:09:41 PM Nathan Weinrich <[email protected] > <javascript:>> wrote: > >> Here is the motivation for this. >> https://www.owasp.org/index.php/ClickjackFilter_for_Java_EE >> >> >> On Friday, October 31, 2014 1:00:02 PM UTC-4, Nathan Weinrich wrote: >>> >>> I need to set the x-frame-options on my partial responses. I can not >>> find how to do this anywhere. All i find i how to set it in java or on the >>> $http calls, but nothing on the partials i return to the browser. Which >>> are the once susceptible to clickjacking attacks. >>> >>> thanks! >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "AngularJS" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To post to this group, send email to [email protected] >> <javascript:>. >> Visit this group at http://groups.google.com/group/angular. >> For more options, visit https://groups.google.com/d/optout. >> > -- You received this message because you are subscribed to the Google Groups "AngularJS" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/angular. For more options, visit https://groups.google.com/d/optout.
