2 Replies Latest reply on Jan 18, 2018 11:01 AM by tnayyar RSS
    tnayyar Creator

    Clickjacking - Framable Page


    The page can be easily framed. Anti-framing measures are not used.



    Clickjacking and Cross-Site Request Forgery (CSRF) can be performed by framing the target site. An attack can trick the user into clicking on the link by framing

    the original page and showing a layer on top of it with dummy buttons.



    X-Frame-Options: This header works with modern browsers and can be used to prevent framing of the page.


    How to implement X-Frame options in ThingWorx application page? I'm new to this threat and recommended solution.Please help me out.



    Thanks in advance!