Difference between revisions of "Clickjacking Cheat Sheet"

From OWASP
m (Clickjacking Defenses)
m
Line 5: Line 5:
 
This article is focused on providing developer guidance on Clickjack/UI Redress attack prevention.  
 
This article is focused on providing developer guidance on Clickjack/UI Redress attack prevention.  
  
== Clickjacking Defenses ==
+
= Clickjacking Defenses =
  
= Frame busting JavaScript =
+
== Frame busting JavaScript ==
= X-Frame-Options =
+
== X-Frame-Options ==
= NoScript =
+
== NoScript ==
= IE8 XSS filter =
+
== IE8 XSS filter ==
 +
== Restricted frames ==
 +
== Redefining location ==
 +
== Clickjacking detection ==  
  
= Restricted frames =
+
= References =
= Redefining location =
+
= Clickjacking detection =
+
 
+
== References ==
+
  
 
[https://www.owasp.org/index.php/Clickjacking https://www.owasp.org/index.php/Clickjacking]
 
[https://www.owasp.org/index.php/Clickjacking https://www.owasp.org/index.php/Clickjacking]

Revision as of 21:17, 14 November 2011

DRAFT CHEAT SHEET - WORK IN PROGRESS

Introduction

This article is focused on providing developer guidance on Clickjack/UI Redress attack prevention.

Clickjacking Defenses

Frame busting JavaScript

X-Frame-Options

NoScript

IE8 XSS filter

Restricted frames

Redefining location

Clickjacking detection

References

https://www.owasp.org/index.php/Clickjacking
