Difference between revisions of "X-Frame-Options"

From wikieduonline

Jump to navigation Jump to search

Revision as of 09:57, 20 July 2023

wikipedia:X-Frame-Options (deprecated)

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options

The Content-Security-Policy HTTP header has a frame-ancestors directive which obsoletes this header for supporting browsers

X-Frame-Options: DENY
X-Frame-Options: SAMEORIGIN

ALLOW-FROM

Related

Content-Security-Policy: frame-ancestors

See also

HTTP Headers: Authorization:, X-Frame-Options, Content-Security-Policy, Cache-Control, Terraform: drop_invalid_header_fields
HTTP, HTTP client, HTTP/1.1, HTTP/2, HTTP/3, HTTPS, HSTS CSR, TLS, SSL, openSSL, WebSockets, WebRTC, ssl_certificate QUIC, HPKP, CT, List of HTTP status codes, URL redirection, Content-type:, Webhook, HTTP headers, --insecure, Axios HTTP client, HTTP cookies, HTTP ETag, Hypertext Transfer Protocol -- HTTP/1.1

Retrieved from "https://www.wikieduonline.com/index.php?title=X-Frame-Options&oldid=256474"

HTTP

Advertising: