Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
snikch
on Feb 9, 2014
|
parent
|
context
|
favorite
| on:
Show HN: JS library to make your website instant
I believe that would be the point of <meta http-equiv="X-Frame-Options" content="deny">
codygman
on Feb 9, 2014
|
next
[–]
That's like trying to duct tape your arm back on after losing a fight with a chainsaw.
mike-cardwell
on Feb 9, 2014
|
prev
[–]
<img src="
https://accounts.google.com/Logout"
style="display:none">
"X-Frame-Options" is used to defend against click-jacking attacks, not to defend against CSRF.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
