public marks

PUBLIC MARKS from dzc with tags "sécurité application web" & X-Frame-Options

20 October 2014 12:45

RFC 7034 - HTTP Header Field X-Frame-Options

To improve the protection of web applications against clickjacking, this document describes the X-Frame-Options HTTP header field, which declares a policy, communicated from the server to the client browser, regarding whether the browser may display the transmitted content in frames that are part of other web pages.