A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Security Working Group of the IETF.
Title : HTTP Header X-Frame-Options
Author(s) : David Ross
Tobias Gondrom
Filename : draft-ietf-websec-x-frame-options-01.txt
Pages : 9
Date : 2012-10-22
Abstract:
To improve the protection of web applications against Clickjacking
this standard defines an http response header that declares a policy
communicated from a host to the client browser on whether the browser
must not display the transmitted content in frames of other web
pages. This drafts serves to document the existing use and
specification of X-Frame-Options.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-websec-x-frame-options
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-websec-x-frame-options-01
A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-websec-x-frame-options-01
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
websec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/websec
