Reputation:
Where add x-frame-options :sameorigin , in JSP , JAVA,WEB.xml , where?
There is white hat vulnerability in our project is they have provided solution add x-frame-options :sameorigin to block extra frame
but where i should add this code.
Framework - Struts1.1 ApplicationServer- Weblogic12C
Totally confused where to add this particular code please help
Upvotes: 1
Views: 7468
Answers (2)
Reputation:
I have solve this problem by adding filter in our code :
web.xml
- filter code mapping and all
Add Filter java class in your project
please find filter class at below link :
This will add X-Frame-Options in response header
Upvotes: 0
Reputation: 976
Oracle Weblogic Server does not have an option for this. In other words, Oracle WebLogic Server (WLS) does not have a setting to control the X-Frame-Options Header. If it's not possible to control this header at an application level, you may configure as follows in the httpd.conf of the Oracle HTTP Server (OHS):
Header always append X-Frame-Options SAMEORIGIN
Upvotes: 2
Related Questions
- IIS is adding default 'X-Frame-Options:SAMEORIGIN' even then I added new HTTP response header in default website level as'X-Frame-Options:ALLOW'.
- X-Frame-Options to SAMEORIGIN in Geoserver prevents my iframe to be viewed
- In a frame because it set 'X-Frame-Options' to 'SAMEORIGIN, SAMEORIGIN'
- Iframe error : because it set 'X-Frame-Options' to 'sameorigin'
- X-Frame-Options are not working correct for me
- How to set x frame option in tomcat
- Google Views in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'
- Sharepoint : Refused to display URL in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'
- 'X-Frame-Options' to 'SAMEORIGIN'. error
- Generic solution of 'X-Frame-Options' to 'SAMEORIGIN' issue