Learn how to protect your Umbraco site from clickjacking attacks using X-Frame-Options and security headers.
Checks if your site is allowed to be IFRAMEd by another site and thus would be susceptible to click-jacking.
How to fix this health checkThis health check can be fixed by adding a header before the response is started.
Preferable you use a security library like NWebSec .
Adding Click-Jacking Protection using NWebSecIf you take a NuGet dependency on NWebsec.AspNetCore.Middleware/ , you can use third extension methods on IApplicationBuilder.
...
WebApplication app = builder.Build();
app.UseXfo(options => options.SameOrigin());Avoid third-party library dependency by using custom middleware added to the request pipeline.
app.Use(async (context, next) =>
{
context.Response.Headers.Add("X-Frame-Options", "SAMEORIGIN");
await next();
});Last updated 4 months ago
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4