Clickjacking Defense Cheat Sheet

The following is external content provided as a free resource for blog readers.

The most popular way to defend against Clickjacking is to include some sort of "frame-breaking" functionality which prevents other web pages from framing the site you wish to defend. This cheat sheet will discuss two methods of implementing frame-breaking: first is X-Frame-Options headers (used if the browser supports the functionality); and second is javascript frame-breaking code.

This cheat sheet includes:

  • Defending with X-Frame-Options Response Headers

  • Best-for-now Legacy Browser Frame Breaking Script

  • Non-Working Scripts

  • And much more!

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific web application security topics. These cheat sheets were created by various application security professionals who have expertise in specific topics.

OWASP stands for The Open Web Application Security Project.

Request Free!

No comments:

Post a Comment