Skip to content

retohugi/SitecoreExtension-ClickjackingProtection

Folders and files

NameName
Last commit message
Last commit date

Latest commit

ace2333 · Dec 27, 2013

History

9 Commits
Dec 27, 2013
Dec 27, 2013
Dec 27, 2013
Dec 27, 2013
Dec 27, 2013
Dec 27, 2013
Dec 27, 2013

Repository files navigation

Clickjacking Protection - a Sitecore Extension

This extension provides basic protection against Clickjacking Attacks (see Wikipedia for details on what a Clickjack attack is and OWASP.org for details on different methods of protection against it).

Features

Implemented

  • Sitecore instance default setting for X-Frame-Option Header
  • Default setting support for DENY, SAMEORIGIN or empty (X-Frame-Option header)

Planned

  • Site-based X-Frame-Option settings
  • Page-based X-Frame-Option settings through data template that can be inherited from on pages.
  • support for JavaScript based protection (frame breaker)
  • automatic browser / feature detection (and fallbacks)
  • support for ALLOW-FROM values

Tested on

  • Sitecore 7.0 (but should work with 6.x)

Installation

Install via NuGet Gallery

  PM> tbd

Build

See Readme.md in the /build folder.

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published