Issue #15: Add X-Frame-Options / frame-ancestors support - ipsilon

ipsilon

#15 Add X-Frame-Options / frame-ancestors support

Closed: Fixed None Opened 9 years ago by simo.

This help preventing click jacking attacks by embedding the login/administration pages into iframes.

dpal commented 9 years ago

Fields changed

milestone: => 1.0 m3
owner: simo => npmccallum
status: new => assigned

nkinder commented 9 years ago

Fields changed

owner: npmccallum =>

simo commented 9 years ago

Fields changed

status: assigned => new

puiterwijk commented 9 years ago

We should set these headers on the Endpoint class, so it gets set by default for any new page, and then have a decorator to disable it for specific pages (Persona and SAML Logout for now)

patch_available: => 0

nkinder commented 9 years ago

Fields changed

milestone: 1.0 m3 => 1.0

nkinder commented 9 years ago

Fields changed

milestone: 1.0 m4 => 1.0

rcritten commented 9 years ago

Fields changed

design_link: =>
owner: => rcritten
status: new => accepted

rcritten commented 9 years ago

Patch in my fedorapeople xframe_headers branch.

patch_available: 0 => 1

rcritten commented 9 years ago

master: 44f663a

resolution: => fixed
status: accepted => closed

nkinder commented 8 years ago

Fields changed

rhbz: => 0

Metadata Update from @nkinder:
- Issue assigned to rcritten
- Issue set to the milestone: 1.0

7 years ago

Metadata

Assignee

rcritten

Tags

None

Blocking

None

Depending on

None

Priority

Minor

Milestone

1.0

rhbz

design_link

None

type

enhancement

component

framework

version

None

sensitive

patch_available

ipsilon

Source Code

#15 Add X-Frame-Options / frame-ancestors support Closed: Fixed None Opened 9 years ago by simo.

Metadata

#15 Add X-Frame-Options / frame-ancestors support

Closed: Fixed None Opened 9 years ago by simo.