X-Frame-Options
In this lesson, we'll study X-Frame-Options.
We'll cover the following...
What is clickjacking?
Imagine seeing a web page like this on your screen:
As soon as you click on the link, you realize that all the money in your bank account is gone. What happened?
You were a victim of a clickjacking attack! An attacker directed you to their website, which displays an attractive link to click. Unfortunately, they also embedded an iframe from your-bank.com/transfer?amount=10000000&to=attacker@example.com in the page but hid it by setting its opacity to 0%. Then, instead of clicking on the original page and winning a brand-new hummer, the browser captured a click on the iframe, a dangerous click that confirmed the transfer of money. Most banking systems require ...