X-Frame-Options
that was easy. after watching this talk on 28c3 i enabled the X-Frame-Options for apache and varnish. apache:
Header set X-Frame-Options deny
varnish:
sub vcl_deliver { set resp.http.X-Frame-Options = "deny"; }
that was easy. after watching this talk on 28c3 i enabled the X-Frame-Options for apache and varnish. apache:
Header set X-Frame-Options deny
varnish:
sub vcl_deliver { set resp.http.X-Frame-Options = "deny"; }