[Openid-specs-ab] Issue #839: Standard - Add x-frame-options to security consideration (openid/connect)
Torsten Lodderstedt
torsten at lodderstedt.net
Fri May 31 07:56:59 UTC 2013
Hi Nat,
the OAuth core's security considerations already cover this threat/countermeasure. The connect spec may refer to it.
regards,
Torsten.
Am 31.05.2013 um 03:31 schrieb "Nat Sakimura" <issues-reply at bitbucket.org>:
> New issue 839: Standard - Add x-frame-options to security consideration
> https://bitbucket.org/openid/connect/issue/839/standard-add-x-frame-options-to-security
>
> Nat Sakimura:
>
> For frame busting to avoid click jacking.
>
> It may even be normative.
>
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
More information about the Openid-specs-ab
mailing list