[tahoe-lafs-trac-stream] [Tahoe-LAFS] #1455: WUI: ambiently accessible pages should framebust in order to prevent UI redressing attacks
Tahoe-LAFS
trac at tahoe-lafs.org
Mon May 28 12:12:44 UTC 2018
#1455: WUI: ambiently accessible pages should framebust in order to prevent UI
redressing attacks
-------------------------+-------------------------------------------------
Reporter: | Owner:
davidsarah |
Type: defect | Status: new
Priority: normal | Milestone: 1.13.0
Component: code- | Version: 1.8.2
frontend-web | Keywords: security ambient wui redressing
Resolution: | review-needed
Launchpad Bug: |
-------------------------+-------------------------------------------------
Comment (by Jean-Paul Calderone <exarkun@…>):
In [changeset:"718fa4493c4b6dd9d897160ded2ea4831c17d3bf/trunk"
718fa44/trunk]:
{{{
#!CommitTicketReference repository="trunk"
revision="718fa4493c4b6dd9d897160ded2ea4831c17d3bf"
Add "X-Frame-Options: DENY" header to all pages. refs #1455
Signed-off-by: Daira Hopwood <daira at jacaranda.org>
}}}
--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1455#comment:14>
Tahoe-LAFS <https://Tahoe-LAFS.org>
secure decentralized storage
More information about the tahoe-lafs-trac-stream
mailing list