(Semi-OT) Clickjacking countermeasure
lists at lazygranch.com
lists at lazygranch.com
Thu Sep 22 20:48:32 UTC 2016
I saw that, but I took the path of least resistance. The method I mentioned was sufficient to pass the tinfoilsecurity.com test.
To tinfoils's credit, they provided three references on Clickjacking, one of which is the website you suggested.
Original Message
From: c0nw0nk
Sent: Thursday, September 22, 2016 1:34 PM
To: nginx at nginx.org
Reply To: nginx at nginx.org
Subject: Re: (Semi-OT) Clickjacking countermeasure
https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_Sheet
Inside your <head> </head> tags.
<style id="antiClickjack">body{display:none !important;}</style>
<script type="text/javascript">
if (self === top) {
var antiClickjack = document.getElementById("antiClickjack");
antiClickjack.parentNode.removeChild(antiClickjack);
} else {
top.location = self.location;
}
</script>
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,269763,269773#msg-269773
_______________________________________________
nginx mailing list
nginx at nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
More information about the nginx
mailing list