cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Glenn (JIRA)" <>
Subject [jira] [Created] (CLOUDSTACK-7061) Cloudstack web-application: Missing X-Frame-Options header
Date Thu, 03 Jul 2014 10:28:24 GMT
Glenn created CLOUDSTACK-7061:

             Summary: Cloudstack web-application: Missing X-Frame-Options header
                 Key: CLOUDSTACK-7061
             Project: CloudStack
          Issue Type: Bug
      Security Level: Public (Anyone can view this level - this is the default.)
    Affects Versions: 4.3.0
            Reporter: Glenn
            Priority: Critical

Provides Clickjacking protection. Values: deny - no rendering within a frame, sameorigin -
no rendering if origin mismatch, allow-from: DOMAIN - allow rendering if framed by frame loaded

Please add the following header: 
X-Frame-Options: sameorigin

Overall score: High 

This message was sent by Atlassian JIRA

View raw message