NewsFirefox 3.6.9 Supports Clickjacking Attack Security Header

Firefox 3.6.9 Supports Clickjacking Attack Security Header

The newest version of Firefox 3.6.9 now supports the X-Frame-Options HTTP response header to prevent clickjacking attacks.

Web site owners can configure their Web servers to send a special header that tells the browser to not embed the page inside another Web site’s content.

“When an attempt is made to load content into a frame, and permission is denied by the X-Frame-Options header, Firefox currently renders about:blank into the frame. At some point, an error message of some kind will be displayed in the frame instead,” according to the Mozilla document on X-Frame-Options response header.

In June, several hundred thousand Facebook users fell victim to a clickjacking attack.

Get the Free Newsletter!
Subscribe to Developer Insider for top news, trends & analysis
This email address is invalid.
Get the Free Newsletter!
Subscribe to Developer Insider for top news, trends & analysis
This email address is invalid.

Latest Posts

Related Stories