IETF Logo Mail Archive

[websec] I-D Action: draft-ietf-websec-x-frame-options-00.txt

internet-drafts@ietf.org Tue, 03 July 2012 21:16 UTC

Return-Path: <internet-drafts@ietf.org>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C9AE411E819E; Tue, 3 Jul 2012 14:16:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.476
X-Spam-Level:
X-Spam-Status: No, score=-102.476 tagged_above=-999 required=5 tests=[AWL=0.123, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cUAs90KM645B; Tue, 3 Jul 2012 14:16:11 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1FA7211E818F; Tue, 3 Jul 2012 14:16:09 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 4.30
Message-ID: <20120703211609.32663.986.idtracker@ietfa.amsl.com>
Date: Tue, 03 Jul 2012 14:16:09 -0700
Cc: websec@ietf.org
Subject: [websec] I-D Action: draft-ietf-websec-x-frame-options-00.txt
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Jul 2012 21:16:12 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.
 This draft is a work item of the Web Security Working Group of the IETF.

	Title           : HTTP Header X-Frame-Options
	Author(s)       : David Ross
                          Tobias Gondrom
	Filename        : draft-ietf-websec-x-frame-options-00.txt
	Pages           : 9
	Date            : 2012-07-03

Abstract:
   To improve the protection of web applications against Clickjacking
   this standards defines a http response header that declares a policy
   communicated from a host to the client browser whether the
   transmitted content MUST NOT be displayed in frames of other pages
   from different origins which are allowed to frame the content.  This
   drafts serves to document the existing use and specification of
   X-Frame-Options.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-websec-x-frame-options

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-websec-x-frame-options-00


Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

v2.23.0 | Report a Bug | By Email