This repository contains a sample web application with Clickjacking vulnerabilities and its attacker website.
The application is used in the Clickjacking Attacks and How to Prevent Them article to explain how Clickjacking attacks work and how to fix those vulnerabilities
This project uses the following technologies:
To run this project, follow these steps:
-
Clone this repository (
git clone https://github.com/auth0-blog/clickjacking-sample-app.git) -
Move to the root folder of the project (
clickjacking-sample-app) in your machine and install the dependencies by running the following command:npm install
-
To launch the web application, run the following command:
npm start
-
Point your browser to http://localhost:3000 to access the sample web app.
-
To launch the attacker website, run the following command:
node attacker-server.js
-
Point your browser to http://localhost:4000 to access the attacker website
Please, read the Clickjacking Attacks and How to Prevent Them article to learn more about Clickjacking attacks and the techniques to prevent them.