@atharv02-git

Description

This pull request is in regard to documenting the process for patching a severe issue within OnTrack -> Clickjacking Vulnerability.
You can find the documentation for this Vulnerability over here.
Fixes # (issue)

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • Documentation (update or new)

How Has This Been Tested?

Testing Checklist:

[ ] Verified via Browser Developer Tools
- Compose your application first, then once the app has started, go to developer's console -> Network -> Select any request -> Look under Response Headers:
- X-Frame-Options: DENY
- Content-Security-Policy: default-src 'self'; frame-ancestors 'none';

  • Yet to test Clickjacking Prevention in a Malicious Iframe Setup as listed in the report.

Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have requested a review from @b0ink and @ibi420 on the Pull Request
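
A header check matching the verification steps in the description above, as an added example that is not part of this pull request or the OnTrack code base. The function names and the sample header object are hypothetical; the sample values are the two headers listed in the checklist.

```javascript
// Added example (not OnTrack code): judge whether response headers block framing.
// Returns the source lists of every frame-ancestors directive found.
function parseFrameAncestors(cspValue) {
  const lists = [];
  // A header value may hold several comma-separated policies; all are enforced.
  for (const policy of cspValue.split(",")) {
    for (const directive of policy.split(";")) {
      const [name, ...sources] = directive.trim().split(/\s+/);
      if (name.toLowerCase() === "frame-ancestors") {
        lists.push(sources.map((s) => s.toLowerCase()));
        break; // a repeated directive inside one policy is ignored
      }
    }
  }
  return lists;
}

function checkFraming(headers) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = String(v);
  const findings = [];

  const xfo = (h["x-frame-options"] || "").trim().toUpperCase();
  const xfoOk = xfo === "DENY" || xfo === "SAMEORIGIN";
  if (!xfo) findings.push("X-Frame-Options missing");
  else if (!xfoOk) findings.push("X-Frame-Options value not honoured: " + xfo);

  const lists = parseFrameAncestors(h["content-security-policy"] || "");
  // An empty source list behaves like 'none'; 'self' still blocks other origins.
  const strict = (l) => l.every((s) => s === "'none'" || s === "'self'");
  const cspOk = lists.some(strict);
  if (lists.length === 0) {
    findings.push("no frame-ancestors directive (default-src does not restrict framing)");
  } else if (!cspOk) {
    findings.push("frame-ancestors allows other origins: " + lists.flat().join(" "));
  }

  // Browsers that support frame-ancestors ignore X-Frame-Options when it is present.
  const blocksCrossOrigin = lists.length > 0 ? cspOk : xfoOk;
  return { blocksCrossOrigin, xfoOk, cspOk, findings };
}

// Constructed sample: the two header values listed in the checklist above.
const SAMPLE_HEADERS = {
  "X-Frame-Options": "DENY",
  "Content-Security-Policy": "default-src 'self'; frame-ancestors 'none';",
};
console.log(checkFraming(SAMPLE_HEADERS));
```

The `blocksCrossOrigin` result follows the CSP-first precedence, so a permissive `frame-ancestors` list is reported as a failure even when `X-Frame-Options: DENY` is also sent.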

@ibi420 ibi420 left a comment

Hey @atharv02-git, following your documentation, I was able to replicate the fix and confirm this vulnerability has been patched.

@theiris6 theiris6 left a comment

Hey @atharv02-git,
Thanks for the clear documentation. I was able to follow your steps, verify the headers, and confirm that the Clickjacking vulnerability has been resolved as intended.

Everything looks good. Approved.
