- changed milestone to Final
- changed component to Standard
-
assigned issue to
Standard 6 - Frame Busting
Issue #874
resolved
We mention Frame Busting. We probably should call out X-Frame Header as well.
Comments (5)
-
-
reporter In section 6 of the Standard, the last para states:
Clients SHOULD employ frame busting and other techniques to prevent End-Users from being logged in by third party sites without their knowledge.
It should be changed to
Clients SHOULD employ frame busting and other techniques to prevent End-Users from being logged in by third party sites without their knowledge through such attacks as clickjacking. Refer to 4.4.1.9 of RFC6819 for more details.
-
reporter - changed title to Standard 6 - Frame Busting
-
reporter - changed status to open
Added the proposed text.
-
- changed status to resolved
Fixed
#874- Said more about frame busting→ <<cset 926cea48d5ba>>
- Log in to comment
Nat to propose concrete text