Skip to content
No description, website, or topics provided.
C# Shell
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
build
data/nuget
lib
src
.gitignore
LICENSE.txt
README.md

README.md

Clickjacking Protection - a Sitecore Extension

This extension provides basic protection against Clickjacking Attacks (see Wikipedia for details on what a Clickjack attack is and OWASP.org for details on different methods of protection against it).

Features

Implemented

  • Sitecore instance default setting for X-Frame-Option Header
  • Default setting support for DENY, SAMEORIGIN or empty (X-Frame-Option header)

Planned

  • Site-based X-Frame-Option settings
  • Page-based X-Frame-Option settings through data template that can be inherited from on pages.
  • support for JavaScript based protection (frame breaker)
  • automatic browser / feature detection (and fallbacks)
  • support for ALLOW-FROM values

Tested on

  • Sitecore 7.0 (but should work with 6.x)

Installation

Install via NuGet Gallery

  PM> tbd

Build

See Readme.md in the /build folder.

You can’t perform that action at this time.