Newest Firefox update (3.6.9.) includes clickjacking protection

Discussion in 'BlackHat Lounge' started by HoNeYBiRD, Sep 8, 2010.

  1. HoNeYBiRD

    HoNeYBiRD Jr. VIP Jr. VIP

    Joined:
    May 1, 2009
    Messages:
    8,332
    Likes Received:
    9,241
    Gender:
    Male
    Occupation:
    Geographer, Tourism Manager
    Location:
    Ghosted
    What?s New in Firefox 3.6.9

    Firefox 3.6.9 fixes the following issues found in previous versions of Firefox 3.6:
    * Introduced support for the X-FRAME-OPTIONS HTTP response header. Site owners can use this to mitigate clickjacking attacks by ensuring that their content is not embedded into other sites.

    The X-FRAME-OPTIONS HTTP response can be used to indicate whether or not a browser should be allowed to render a page in a <frame> or <iframe>. Sites can use this to avoid clickjacking attacks, by ensuring that their content is not embedded into other sites.

    The X-FRAME-OPTIONS HTTP response header can have two values, DENY and SAMEORIGIN, which will block any framing or framing by external sites, respectively.
     
  2. CoolAdvisor

    CoolAdvisor Supreme Member

    Joined:
    Mar 24, 2008
    Messages:
    1,241
    Likes Received:
    487
    it means that framing will be more difficult:
    iframing cpa offers
    cs
    etc....
     
  3. hazard_mkd

    hazard_mkd Junior Member

    Joined:
    Oct 1, 2009
    Messages:
    197
    Likes Received:
    59
    shiiiiiiiiiiiiiiiiiit.... off to work..
     
  4. Scripteen

    Scripteen Elite Member

    Joined:
    Sep 19, 2009
    Messages:
    1,810
    Likes Received:
    1,919
    Home Page:
    The kind of users that will actually get involved in cpa offers are the type that use IE by default. FF and GC are for geeks only and those won;t make you any money;)