12 Dec 2013

Mozilla advises webmasters to implement X-Frame-Options security header

Author: ColinAndrews34 | Filed under: About

In light of overall low adoption of HTTP security headers, Mozilla is advising webmasters to at least implement X-Frame-Options on their sites, arguing that this header can prevent several types of attacks. The X-Frame-Options is an HTTP response header that allows webmasters to define if and how their websites can be loaded into frame elements on other sites. It comes with three options: ALLOW, DENY and SAMEORIGIN, the latter meaning a page can only be framed by other pages with the same origin—same domain, URI scheme and port

See the original article here:
Mozilla advises webmasters to implement X-Frame-Options security header

Tags: , , , , , , , , , ,

Leave a Reply

*