qtqa/gerrit.git - The Qt Project's vendor branch of Gerrit Code Review

diff options

author	Marcin Czech <maczech@gmail.com>	2020-06-15 17:36:18 +0200
committer	Marcin Czech <maczech@gmail.com>	2020-06-17 11:18:52 +0200
commit	559ea2b49f348d009287bef8f26f6f5e29971c4a (patch)
tree	7b3db796db160c541552ea37108298ad08ea907c /tools/maven/gerrit-extension-api_pom.xml
parent	56918394544b6207a626cb0938d0bba4927a9fa4 (diff)

Set X-Frame-Options header to avoid clickjacking

Add HTTP filter which is applied to all HTTP responses. Based on gerrit.canLoadInIFrame and gerrit.xframeOption properties filter adds the X-Frame-Options HTTP response header. The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a <frame>, <iframe>, <embed> or <object>. Gerrit can use this to avoid click-jacking attacks, by ensuring that the content is not embedded into other sites. Bug: Issue 12926 Change-Id: If3f6a770332ade9924b3d1a20c092637c9380e0c

Diffstat (limited to 'tools/maven/gerrit-extension-api_pom.xml')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: