Linux – Blocking iframe Access on SunOne

linux sun-one

In order to avoid clickjacking, I need to disable iframe access to my site in a similar fashion to using an X-Header with SAMEORIGIN using Apache. However, I'm using SunOne web server and changing it is not an option. Is there any way to do this that doesn't require a huge rewrite of what's already on the site?

I am using CentOS for the server.

Best Answer

http://docs.oracle.com/cd/E19554-01/819-4464-10/#wp34190

Support for Arbitrary Custom Headers

In Web Server 6.0 SP10, the set-variable SAF (Server Application Function) can be used to add custom headers to the server's HTTP responses. For example, consider the following server-id /config/obj.conf directive:

Looks like you'd want:

AuthTrans fn="set-variable" insert-srvhdrs="X-Frame-Options: SAMEORIGIN"

That said, this is a web server that was discontinued a decade ago...
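
A check that the header from the answer above actually reaches clients, added here as an example and not part of the original question or answer. It classifies a response head (such as the output of `curl -sI`) using a simplified model of how current browsers process X-Frame-Options; the function names and sample responses are assumptions constructed for illustration.

```python
# Added example: classify the framing protection in a raw HTTP response head.
# Simplified model of browser behaviour; all sample responses are constructed.

def header_values(raw_head, name):
    """Return every value of header `name` (case-insensitive) in a response head."""
    values = []
    for line in raw_head.splitlines()[1:]:      # skip the status line
        if not line.strip():
            break                               # blank line ends the headers
        field, sep, value = line.partition(":")
        if sep and field.strip().lower() == name.lower():
            values.append(value.strip())
    return values

def framing_policy(raw_head):
    """Return 'csp', 'deny', 'sameorigin' or 'none' for a response head."""
    # An enforced CSP frame-ancestors directive overrides X-Frame-Options.
    for csp in header_values(raw_head, "Content-Security-Policy"):
        for directive in csp.replace(",", ";").split(";"):
            words = directive.split()
            if words and words[0].lower() == "frame-ancestors":
                return "csp"
    # Repeated headers and comma-separated lists are merged into one token set.
    tokens = set()
    for value in header_values(raw_head, "X-Frame-Options"):
        tokens.update(t.strip().lower() for t in value.split(",") if t.strip())
    if not tokens:
        return "none"
    if len(tokens) > 1:
        # Conflicting values: all framing (same-origin included) is blocked if
        # any token is a known one; otherwise the header is ignored.
        return "deny" if tokens & {"deny", "sameorigin", "allowall"} else "none"
    token = tokens.pop()
    return token if token in ("deny", "sameorigin") else "none"

# Constructed sample response heads.
SAMPLE_FIXED = "HTTP/1.1 200 OK\r\nServer: Example\r\nX-Frame-Options: SAMEORIGIN\r\n\r\n"
SAMPLE_MISSING = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
SAMPLE_CONFLICT = ("HTTP/1.1 200 OK\r\nX-Frame-Options: SAMEORIGIN\r\n"
                   "X-Frame-Options: ALLOW-FROM https://example.com\r\n\r\n")
SAMPLE_TYPO = "HTTP/1.1 200 OK\r\nX-Frame-Options: SAME-ORIGIN\r\n\r\n"

if __name__ == "__main__":
    for name in ("SAMPLE_FIXED", "SAMPLE_MISSING", "SAMPLE_CONFLICT", "SAMPLE_TYPO"):
        print(name, "->", framing_policy(globals()[name]))
```

A result of 'none' after the configuration change means the header is absent or misspelled; 'deny' where 'sameorigin' was expected usually means the application and the server are both emitting the header with different values.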