HTTP X-Frame-Options Header

By: Dusty Arlia
Published on Friday, June 27, 2014, 05:06 PM
Last Updated on Saturday, July 11, 2015 at 3:28 PM
Total Updates: 2

The X-Frame-Options HTTP header provides clickjacking protection. The deny value provides no rendering within a frame. The sameorigin value provides no rendering if there's an origin mismatch. Here is an example:

X-Frame-Options: deny