cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Community Tip - You can Bookmark boards, posts or articles that you'd like to access again easily! X

Clickjacking - Framable Page

TanmeyTWX
17-Peridot
17-Peridot
‎Dec 04, 2015 12:56 AM
‎Dec 04, 2015 12:56 AM

Clickjacking - Framable Page

Threat:-

The page can be easily framed. Anti-framing measures are not used.

Impact:-

Clickjacking and Cross-Site Request Forgery (CSRF) can be performed by framing the target site. An attack can trick the user into clicking on the link by framing

the original page and showing a layer on top of it with dummy buttons.

Solution:-

X-Frame-Options: This header works with modern browsers and can be used to prevent framing of the page.

How to implement X-Frame options in ThingWorx application page? I'm new to this threat and recommended solution.Please help me out.

Thanks in advance!

0 Kudos
Notify Moderator
2 REPLIES 2
TanmeyTWX
17-Peridot
17-Peridot
(To:mattfor)
‎Dec 09, 2015 02:15 AM
‎Dec 09, 2015 02:15 AM

Thanks Mathew for these references.

But I'm unable to understand the way of implementing X-Frame options into ThingWorx application/site.

-Which script or service file to be edited,is it any Tomcat conf file or what ?

-How to verify the success after the implementation?

0 Kudos
Notify Moderator
Announcements


Contact Community Management
Top Tags