MantisBT: master d9db796f

Author Committer Branch Timestamp Parent
dhx dhx master 2010-04-22 08:02:20 master e4902b65
Affected Issues  0011824: Implement X-Frame-Options clickjacking protection
Changeset

Issue 0011824: Implement X-Frame-Options clickjacking protection

The X-Frame-Options header can help prevent clickjacking attacks against
MantisBT installations by preventing MantisBT from being loaded inside
an iframe.

Currently the following browsers support X-Frame-Options:

  • IE8+
  • Opera 10.50+
  • Safari 4+
  • Chrome 4.1.249.1042+
  • Firefox with NoScript
mod - core/http_api.php Diff File