Difference between revisions of "Clickjacking Cheat Sheet"

From OWASP
m (Created page with "= DRAFT CHEAT SHEET - WORK IN PROGRESS = = Introduction = This article is focused on providing developer guidance on Clickjack/UI Redress attack prevention. == Clickjacking D...")
 
m (Clickjacking Defenses)
Line 7: Line 7:
 
== Clickjacking Defenses ==
 
== Clickjacking Defenses ==
  
= Frame busting JavaScript
+
= Frame busting JavaScript =
= X-Frame-Options  
+
= X-Frame-Options =
= NoScript
+
= NoScript =
= IE8 XSS filter
+
= IE8 XSS filter =
 +
 
 
= Restricted frames =  
 
= Restricted frames =  
 
= Redefining location =
 
= Redefining location =
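
Review bot: the defense headings this hunk closes ("= Frame busting JavaScript =", "= X-Frame-Options =", "= NoScript =", "= IE8 XSS filter =") are still level-1 headings, as are the unchanged "= Restricted frames =" and "= Redefining location =", although they sit under the level-2 "== Clickjacking Defenses ==". They will therefore render as top-level sections rather than as subsections of the defenses list. Suggest making them level 3, for example "=== X-Frame-Options ===", and doing the same for the two unchanged headings so the whole list nests consistently.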

Revision as of 21:17, 14 November 2011

DRAFT CHEAT SHEET - WORK IN PROGRESS

Introduction

This article is focused on providing developer guidance on Clickjack/UI Redress attack prevention.

Clickjacking Defenses

Frame busting JavaScript

X-Frame-Options

NoScript

IE8 XSS filter

Restricted frames

Redefining location

Clickjacking detection

References

https://www.owasp.org/index.php/Clickjacking
