IETF Logo Mail Archive

[websec] I-D Action: draft-ietf-websec-frame-options-00.txt

internet-drafts@ietf.org Fri, 06 July 2012 10:47 UTC

Return-Path: <internet-drafts@ietf.org>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC42E21F8790; Fri, 6 Jul 2012 03:47:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UK5YW2Gf2QKk; Fri, 6 Jul 2012 03:47:08 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 204B121F877B; Fri, 6 Jul 2012 03:47:08 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 4.30p2
Message-ID: <20120706104708.18629.48263.idtracker@ietfa.amsl.com>
Date: Fri, 06 Jul 2012 03:47:08 -0700
Cc: websec@ietf.org
Subject: [websec] I-D Action: draft-ietf-websec-frame-options-00.txt
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Jul 2012 10:47:09 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.
 This draft is a work item of the Web Security Working Group of the IETF.

	Title           : HTTP Header Frame Options
	Author(s)       : David Ross
                          Tobias Gondrom
	Filename        : draft-ietf-websec-frame-options-00.txt
	Pages           : 9
	Date            : 2012-07-06

Abstract:
   To improve the protection of web applications against Clickjacking
   this standards defines a http response header that declares a policy
   communicated from a host to the client browser whether the
   transmitted content MUST NOT be displayed in frames of other pages
   from different origins which are allowed to frame the content.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-websec-frame-options

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-websec-frame-options-00


Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

v2.14.0 | Report a Bug | By Email