A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Security Working Group of the IETF.
Title : HTTP Header Field X-Frame-Options
Author(s) : David Ross
Tobias Gondrom
Filename : draft-ietf-websec-x-frame-options-02.txt
Pages : 11
Date : 2013-02-25
Abstract:
To improve the protection of web applications against Clickjacking,
this specification describes the X-Frame-Options HTTP response header
field that declares a policy communicated from the server to the
client browser on whether the browser may display the transmitted
content in frames that are part of other web pages. This
informational document serves to document the existing use and
specification of this X-Frame-Options HTTP response header field.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-websec-x-frame-options
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-websec-x-frame-options-02
A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-websec-x-frame-options-02
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
websec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/websec
