Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix link to CSP in Reference Doc 

Previously the link in the reference from x-frame-options to the
content security policy section was broken.

This commit fixes the link.

Issue gh-4063
This commit is contained in:
Rob Winch 2016-09-19 10:21:04 -05:00
parent 12173c04ee
commit 7f54c8b8b4
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/manual/src/docs/asciidoc/index.adoc
View File

@ -4038,7 +4038,7 @@ Allowing your website to be added to a frame can be a security issue. For exampl
[NOTE]
====
Another modern approach to dealing with clickjacking is to use <<headers-content-security-policy>>.
Another modern approach to dealing with clickjacking is to use <<headers-csp>>.
====
There are a number ways to mitigate clickjacking attacks. For example, to protect legacy browsers from clickjacking attacks you can use https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_Sheet#Best-for-now_Legacy_Browser_Frame_Breaking_Script[frame breaking code]. While not perfect, the frame breaking code is the best you can do for the legacy browsers.