[websec] I-D Action: draft-ietf-websec-x-frame-options-08.txt
internet-drafts@ietf.org Sun, 11 August 2013 20:57 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A0F521F8425; Sun, 11 Aug 2013 13:57:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.597
X-Spam-Level:
X-Spam-Status: No, score=-102.597 tagged_above=-999 required=5 tests=[AWL=0.003, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CgsPft1qtcGd; Sun, 11 Aug 2013 13:57:19 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C63611E811E; Sun, 11 Aug 2013 13:50:55 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 4.70.p1
Message-ID: <20130811205055.28088.67539.idtracker@ietfa.amsl.com>
Date: Sun, 11 Aug 2013 13:50:55 -0700
Cc: websec@ietf.org
Subject: [websec] I-D Action: draft-ietf-websec-x-frame-options-08.txt
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 11 Aug 2013 20:57:20 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Security Working Group of the IETF.
Title : HTTP Header Field X-Frame-Options
Author(s) : David Ross
Tobias Gondrom
Filename : draft-ietf-websec-x-frame-options-08.txt
Pages : 11
Date : 2013-08-11
Abstract:
To improve the protection of web applications against Clickjacking,
this definition describes the X-Frame-Options HTTP response header
field that declares a policy communicated from the server to the
client browser on whether the browser may display the transmitted
content in frames that are part of other web pages. This
informational document serves to document the existing use and
specification of this X-Frame-Options HTTP response header field.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-websec-x-frame-options
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-websec-x-frame-options-08
A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-websec-x-frame-options-08
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
- [websec] I-D Action: draft-ietf-websec-x-frame-op… internet-drafts