IETF Logo Mail Archive

[websec] I-D Action: draft-ietf-websec-x-frame-options-02.txt

internet-drafts@ietf.org Mon, 25 February 2013 19:05 UTC

Return-Path: <internet-drafts@ietf.org>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6814D21F9362; Mon, 25 Feb 2013 11:05:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.526
X-Spam-Level:
X-Spam-Status: No, score=-102.526 tagged_above=-999 required=5 tests=[AWL=0.073, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L9xf8IFajHCw; Mon, 25 Feb 2013 11:05:00 -0800 (PST)
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 80F581F0D0C; Mon, 25 Feb 2013 11:04:58 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 4.40
Message-ID: <20130225190458.24804.95574.idtracker@ietfa.amsl.com>
Date: Mon, 25 Feb 2013 11:04:58 -0800
Cc: websec@ietf.org
Subject: [websec] I-D Action: draft-ietf-websec-x-frame-options-02.txt
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Feb 2013 19:05:00 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.
 This draft is a work item of the Web Security Working Group of the IETF.

	Title           : HTTP Header Field X-Frame-Options
	Author(s)       : David Ross
                          Tobias Gondrom
	Filename        : draft-ietf-websec-x-frame-options-02.txt
	Pages           : 11
	Date            : 2013-02-25

Abstract:
   To improve the protection of web applications against Clickjacking,
   this specification describes the X-Frame-Options HTTP response header
   field that declares a policy communicated from the server to the
   client browser on whether the browser may display the transmitted
   content in frames that are part of other web pages.  This
   informational document serves to document the existing use and
   specification of this X-Frame-Options HTTP response header field.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-websec-x-frame-options

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-websec-x-frame-options-02

A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-websec-x-frame-options-02


Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

v2.23.0 | Report a Bug | By Email