Skip to content

X Frame Options

Jump to bottom
Kubik2000 edited this page Nov 6, 2019 · 2 revisions

The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a , <iframe>, or . Sites can use this to avoid clickjacking attacks, by ensuring that their content is not embedded into other sites.

Links:

PHP / Apache

<IfModule mod_headers.c>
  Header set X-Frame-Options DENY
</IfModule>

Home

Default checks

html

CSS

HTML

Image

JavaScript

security

Cookies

Content Security Policy

Fingerprint

HSTS

HTTPS

X Frame Options

X XSS Protection

Clone this wiki locally