java handles X-Frame-Options header vulnerability

Others 2022-04-23 07:52:09 views: 0 
use in filter
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException
    {
        HttpServletResponse res = (HttpServletResponse)response;
        chain.doFilter(request, response);
        System.out.println("limit mode============"+mode);
        res.addHeader("X-FRAME-OPTIONS",mode );            
    }


The value of mode is:

        DENY: The browser refuses the current page to load any frame page
      SAMEORIGIN: The address of the frame page can only be the page under the same origin domain name
      ALLOW-FROM: The origin is the page address that allows frame loading


  In general use SAMEORIGIN


Guess you like

Origin http://43.154.161.224:23101/article/api/json?id=325524428&siteId=291194637
Recommended
微软回应中国区AI团队“打包赴美”传闻
Ranking
How to use ChatGPT to write 100,000+ hot articles for public accounts (includes prompt words)
sudo echo command execution Permission denied
ADO: Using Transactions to Operate Oracle Database
[Java] [Class and Object] equals, hashCode, clone methods
Linux virtual host function
Порт управления rabbitmq открыт
on,where
jQuery WeUI
How can there be a weed pilot in Hangzhou?
tcp / ip model four
Daily
More
2024-05-15(5)
2024-05-14(9)
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)

Code World

© 2018 codetd.com