This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Talk:Clickjacking Protection for Java EE

From OWASP
Revision as of 11:49, 30 June 2011 by Rikard Jespersen (talk | contribs) (Created page with "I have implemented this in tomcat 5.5.31 but I didn't get it to work. First I got an error that the java version was wrong. So I recompiled the class using the same sdk version ...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

I have implemented this in tomcat 5.5.31 but I didn't get it to work. First I got an error that the java version was wrong. So I recompiled the class using the same sdk version I use for the tomcat. This removed the error messages and everything looks dandy. Problem is that the sites are still "framable" in both Internet Explorer 8 and Firefox 5. Clearly I'm doing something wrong but I can't just seem to figure out what.

Is there a way to check if the headers are being sent out as suppossed to, or any other test to check what I'm doing wrong?

Retrieved from "https://wiki.owasp.org/index.php?title=Talk:Clickjacking_Protection_for_Java_EE&oldid=113227"