{"draft":"draft-ietf-websec-x-frame-options-12","doc_id":"RFC7034","title":"HTTP Header Field X-Frame-Options","authors":["D. Ross","T. Gondrom"],"format":["ASCII","HTML"],"page_count":"14","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"Web Security","abstract":"To improve the protection of web applications against clickjacking,\r\nthis document describes the X-Frame-Options HTTP header field, which\r\ndeclares a policy, communicated from the server to the client\r\nbrowser, regarding whether the browser may display the transmitted\r\ncontent in frames that are part of other web pages.","pub_date":"October 2013","keywords":["frame-options","HTTP header","websec"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC7034","errata_url":null}