Configure the X-Frame-Options header settings
Configure the X-Frame-Options header settings to help you
protect your site against Clickjacking. Clickjacking is a technique that tricks
a web user into clicking a malicious site, thinking that it is your site. This
malicious site can then reveal confidential information or take control of the
user's computer.
Procedure
Include the X-Frame-Options header with a response. The
Feature Pack 8 Aurora store has the X-Frame-Options header enabled in
Stores.war/Aurora/Common/EnvironmentSetup.jspf. You can include this
X-Frame-Options header by using one of the following options:
• Use the
IBM HTTP Server (IHS)
Enabling the header with IHS is the more popular technique
and this technique ensures that the header is included with all responses. To
include the X-Frame-Options header, use a command that is similar to the
following command, which appends the X-Frame-Options header SAMEORIGIN to
responses:
Header always append X-Frame-Options SAMEORIGIN
• Use the
WebSphere Commerce application.
1. Go to the
following directory:
Store_archivedir/Aurora/common
2. Open the
EnvironmentSetup.jspf for editing and add the following line of code:
response.setHeader("X-Frame-Options","SAMEORIGIN");
3. Save and
close the file.
Ibm Websphere Commerce: Configure The X-Frame-Options Header Settings >>>>> Download Now
ReplyDelete>>>>> Download Full
Ibm Websphere Commerce: Configure The X-Frame-Options Header Settings >>>>> Download LINK
>>>>> Download Now
Ibm Websphere Commerce: Configure The X-Frame-Options Header Settings >>>>> Download Full
>>>>> Download LINK 8Q