More commonly, SAMEORIGIN is used, as it does enable the use of frames, but limits them to the current domain. The DENY option is the most secure, preventing any use of the current page in a frame. X-Frame-Options allows content publishers to prevent their own content from being used in an invisible frame by attackers.
0 Comments
Leave a Reply. |