Class Rack::Protection::FrameOptions
In: lib/rack/protection/frame_options.rb
Parent: Base
Prevented attack:Clickjacking
Supported browsers:Internet Explorer 8, Firefox 3.6.9, Opera 10.50, Safari 4.0, Chrome 4.1.249.1042 and later
More infos:developer.mozilla.org/en/The_X-FRAME-OPTIONS_response_header

Sets X-Frame-Options header to tell the browser avoid embedding the page in a frame.

Options:

frame_options:Defines who should be allowed to embed the page in a frame. Use :deny to forbid any embedding, :sameorigin to allow embedding from the same origin (default).

Methods

Public Instance methods

[Validate]