OWASP

IIS Server Headers – Clickjacking – X-Frame-Options

Configure IIS to use – X-Frame-Options I recently had a request to update a server to correct a few audit findings.  One finding was related to “clickjacking” (More info from Wikipedia and OWASP) Clickjacking is a process where a malicious link is injected on the page that takes you to what you would think is a normal page but is hijacking …

Read more