[Tickets #10391] Clickjacking protection for Horde

bugs at horde.org bugs at horde.org
Wed Jul 27 18:01:46 UTC 2011


DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.

Ticket URL: http://bugs.horde.org/ticket/10391
------------------------------------------------------------------------------
  Ticket             | 10391
  Created By         | Chuck Hagenbuch <chuck at horde.org>
  Summary            | Clickjacking protection for Horde
  Queue              | Horde Framework Packages
  Version            | Git master
  Type               | Enhancement
  State              | New
  Priority           | 1. Low
  Milestone          |
  Patch              |
  Owners             |
------------------------------------------------------------------------------


Chuck Hagenbuch <chuck at horde.org> (2011-07-27 18:01) wrote:

1. X-FRAME-OPTIONS
2. frame-busting JS (below)
3. Content security policy

<style>
html { visibility: hidden; }
</style>

<script>
if (self == top) {
     document.documentElement.style.visibility = 'visible';
} else {
     top.location = self.location;
}
</script>






More information about the bugs mailing list