Forum Discussion
3 Replies
Sort By
- Kash_276820Nimbostratus
Experts Any updates?
- Jad_Tabbara__J1Cirrostratus
Hello Kash,
If your "custom response page" contains and you add :</p> <ul> <li>"X-Frame-Options: DENY" then the browser will not load the iframe content </li> <li>"X-Frame-Options: SAMEORIGIN" then browser will load only iframe comming from same domain</li> </ul> <p>If your "custom response page" doesn't contain iframe there is no impact to do this on the blocking page itself. </p> <p>Regards</p>
- samstepCirrocumulus
Should be no impact - these headers provide Clickjacking attack mitigation