[websec] I-D Action: draft-ietf-websec-x-frame-options-09.txt
internet-drafts@ietf.org Tue, 13 August 2013 16:48 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CD60211E81A4; Tue, 13 Aug 2013 09:48:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.6
X-Spam-Level:
X-Spam-Status: No, score=-102.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZE9AkaAKMrK1; Tue, 13 Aug 2013 09:48:18 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id C3A6B11E81AB; Tue, 13 Aug 2013 09:48:17 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 4.70.p1
Message-ID: <20130813164817.26226.95459.idtracker@ietfa.amsl.com>
Date: Tue, 13 Aug 2013 09:48:17 -0700
Cc: websec@ietf.org
Subject: [websec] I-D Action: draft-ietf-websec-x-frame-options-09.txt
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Aug 2013 16:48:18 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Security Working Group of the IETF.
Title : HTTP Header Field X-Frame-Options
Author(s) : David Ross
Tobias Gondrom
Filename : draft-ietf-websec-x-frame-options-09.txt
Pages : 12
Date : 2013-08-13
Abstract:
To improve the protection of web applications against Clickjacking,
this definition describes the X-Frame-Options HTTP response header
field that declares a policy communicated from the server to the
client browser on whether the browser may display the transmitted
content in frames that are part of other web pages. This
informational document serves to document the existing use and
specification of this X-Frame-Options HTTP response header field.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-websec-x-frame-options
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-websec-x-frame-options-09
A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-websec-x-frame-options-09
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
- [websec] I-D Action: draft-ietf-websec-x-frame-op… internet-drafts