COV-Webmaster
asked on
X-Frame-Options - click-jacking
Hi,
I have a question, I'm trying to put X-Frame-Options onto a HTTP Response Headers on IIS (server win 2k8 r2). I've put deny and it seems that it doesn't work. Any suggestions? IS there any tool to confirm that its working cause I dont believe it does.
Thank you for your time
Katerina
Capture.JPG
Capture1.JPG
Capture2.JPG
I have a question, I'm trying to put X-Frame-Options onto a HTTP Response Headers on IIS (server win 2k8 r2). I've put deny and it seems that it doesn't work. Any suggestions? IS there any tool to confirm that its working cause I dont believe it does.
Thank you for your time
Katerina
Capture.JPG
Capture1.JPG
Capture2.JPG
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I dont see it working correctly.What does that mean? How are you checking? It's just a header that is sent with the page request. It's up to the browser to enforce it.
ASKER
does this look correct to you ?!
<iframe src="https://secure.west.prophetservices.com/****/Home/Index?CourseId=2,1,3&Date=2016-4-8&Time=AnyTime&Player=99&Hole=18#channelweb" name="frame1" scrolling="auto" frameborder="no" align="center" height = "600x" width = "600px">
Im trying to understand what works and what doesnt.'
Thank you for your time and helping me understand this.
K
Capture.JPG
<iframe src="https://secure.west.prophetservices.com/****/Home/Index?CourseId=2,1,3&Date=2016-4-8&Time=AnyTime&Player=99&Hole=18#channelweb" name="frame1" scrolling="auto" frameborder="no" align="center" height = "600x" width = "600px">
Im trying to understand what works and what doesnt.'
Thank you for your time and helping me understand this.
K
Capture.JPG
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Even if I change the Value to SAMEORIGIN or allow from "URL" I dont see it working correctly. Is there a tool out there so see if the X-Frame is working correctly for the IIS configurations?
Cheers
Katerina