X-Frame-Option is dead, long live Content Security Policy!

Clickjacking, (A.K.A UI Redress attack)¬†is an attack in which an attacker utilizes multiple¬†transparent or opaque layers in order to trick a client into clicking on a button or link on a different page; they are then mislead to think they were clicking the top level page link. Accordingly, the attacker is “hijacking” clicks meant for … Continue reading X-Frame-Option is dead, long live Content Security Policy!