[Tickets #10391] Clickjacking protection for Horde
bugs at horde.org
bugs at horde.org
Wed Jul 27 18:01:46 UTC 2011
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/10391
------------------------------------------------------------------------------
Ticket | 10391
Created By | Chuck Hagenbuch <chuck at horde.org>
Summary | Clickjacking protection for Horde
Queue | Horde Framework Packages
Version | Git master
Type | Enhancement
State | New
Priority | 1. Low
Milestone |
Patch |
Owners |
------------------------------------------------------------------------------
Chuck Hagenbuch <chuck at horde.org> (2011-07-27 18:01) wrote:
1. X-FRAME-OPTIONS
2. frame-busting JS (below)
3. Content security policy
<style>
html { visibility: hidden; }
</style>
<script>
if (self == top) {
document.documentElement.style.visibility = 'visible';
} else {
top.location = self.location;
}
</script>
More information about the bugs
mailing list