Clickjacking Defense - Declarative Sec Detector

Author(s):



The X-FRAME-OPTIONS sets a restriction on the framing of a web page for a particular domain. It uses the value DENY
and SAMEORIGIN for rendering the contents into a child frame. It is possible to stop the rendering completely in
a child frame using DENY as a parameter. The SAMEORIGIN parameter declares that the content can only come
from the parent site and that no third party content rendering is allowed.

This addon scans all the HTTP response headers that accompany with the web page and raises a notification in the status bar showing whether the declarative security for Clickjacking is applied on the respective domain or not.

For more details Refer: http://www.usenix.org/event/collsec10/tech/full_papers/Sood.pdf

Download files:

clickjacking-defense-declar-0.77.1-signed.1-signed-mac.xpi
clickjacking-defense-declar-0.77.1-signed.1-signed-windows.xpi


This page is part of the LegacyCollector website.
Disclaimer: All material on this site is property of their respective owners and available under
open licenses to the best of our knowledge. If you are an author and would like anything removed,
then please write an e-mail to legacy [at] collector dot org.