Firefox 3.6.9 Supports Clickjacking Attack Security Header

September 8, 2010
By Developer.com Staff

The newest version of Firefox 3.6.9 now supports the X-Frame-Options HTTP response header to prevent clickjacking attacks.

Web site owners can configure their Web servers to send a special header that tells the browser to not embed the page inside another Web site's content.

"When an attempt is made to load content into a frame, and permission is denied by the X-Frame-Options header, Firefox currently renders about:blank into the frame. At some point, an error message of some kind will be displayed in the frame instead," according to the Mozilla document on X-Frame-Options response header.

In June, several hundred thousand Facebook users fell victim to a clickjacking attack.

View Article

0 Comments (click to add your comment)

Comment and Contribute

Solid State Drives: The Future of Data Storage?

Solid state disks (SSDs) made a splash in consumer technology, and now the technology has its eyes on the enterprise storage market. Download this eBook to see what SSDs can do for your infrastructure and review the pros and cons of this potentially game-changing storage technology.