[jira] [Updated] (KNOX-700) Add Clickjacking Protection to WebAppSec Provider

Larry McCay (JIRA) Mon, 28 Mar 2016 19:30:46 -0700

     [ 
https://issues.apache.org/jira/browse/KNOX-700?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Larry McCay updated KNOX-700:
-----------------------------
    Attachment: KNOX-700-002.patch

v002 - cleans up the provider param provisioning

> Add Clickjacking Protection to WebAppSec Provider
> -------------------------------------------------
>
>                 Key: KNOX-700
>                 URL: https://issues.apache.org/jira/browse/KNOX-700
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: Server
>            Reporter: Larry McCay
>            Assignee: Larry McCay
>             Fix For: 0.9.0
>
>         Attachments: KNOX-700-001.patch, KNOX-700-002.patch
>
>
> By adding the X-Frame-Options=DENY header to responses, proxied and hosted 
> applications can control whether they can be embedded within another 
> application through Frame, IFrame or Object HTML elements. 
> Leveraging this to set them all to DENY adds protection against clickjacking 
> for all proxied and hosted applications within the configured topology.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KNOX-700) Add Clickjacking Protection to WebAppSec Provider

Reply via email to