[websec] I-D Action: draft-ietf-websec-x-frame-options-03.txt

internet-drafts@ietf.org Sat, 22 June 2013 06:06 UTC

Return-Path: <internet-drafts@ietf.org>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E429C21F99F7; Fri, 21 Jun 2013 23:06:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.516
X-Spam-Level:
X-Spam-Status: No, score=-102.516 tagged_above=-999 required=5 tests=[AWL=0.084, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2IKi2Em33sU1; Fri, 21 Jun 2013 23:06:43 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 2418C21F969F; Fri, 21 Jun 2013 23:06:43 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 4.51.p2
Message-ID: <20130622060643.18672.33108.idtracker@ietfa.amsl.com>
Date: Fri, 21 Jun 2013 23:06:43 -0700
Cc: websec@ietf.org
Subject: [websec] I-D Action: draft-ietf-websec-x-frame-options-03.txt
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 22 Jun 2013 06:06:44 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.
 This draft is a work item of the Web Security Working Group of the IETF.

	Title           : HTTP Header Field X-Frame-Options
	Author(s)       : David Ross
                          Tobias Gondrom
	Filename        : draft-ietf-websec-x-frame-options-03.txt
	Pages           : 11
	Date            : 2013-06-21

Abstract:
   To improve the protection of web applications against Clickjacking,
   this specification describes the X-Frame-Options HTTP response header
   field that declares a policy communicated from the server to the
   client browser on whether the browser may display the transmitted
   content in frames that are part of other web pages.  This
   informational document serves to document the existing use and
   specification of this X-Frame-Options HTTP response header field.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-websec-x-frame-options

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-websec-x-frame-options-03

A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-websec-x-frame-options-03


Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/