A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Security Working Group of the IETF.
Title : HTTP Header X-Frame-Options
Author(s) : David Ross
Tobias Gondrom
Filename : draft-ietf-websec-x-frame-options-00.txt
Pages : 9
Date : 2012-07-03
Abstract:
To improve the protection of web applications against Clickjacking
this standards defines a http response header that declares a policy
communicated from a host to the client browser whether the
transmitted content MUST NOT be displayed in frames of other pages
from different origins which are allowed to frame the content. This
drafts serves to document the existing use and specification of
X-Frame-Options.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-websec-x-frame-options
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-websec-x-frame-options-00
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
websec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/websec
