mirrors/django
mirrors/django
0
0
Fork 0
mirror of https://github.com/django/django.git synced 2024-11-21 19:09:18 +01:00
Code Issues Releases Wiki Activity

Removed outdated note about limitations in Clickjacking protection.

Browse Source 
There is no need to list old browser versions or point users to
workarounds.
This commit is contained in:
Mariusz Felisiak 2024-07-04 23:08:19 +02:00 committed by GitHub
parent 55a2e3136b
commit f302343380
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 3 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
docs/ref/clickjacking.txt
View File

@ -116,24 +116,7 @@ a decorator overrides the middleware.
Limitations
===========
The ``X-Frame-Options`` header will only protect against clickjacking in a
modern browser. Older browsers will quietly ignore the header and need `other
clickjacking prevention techniques`_.
The ``X-Frame-Options`` header will only protect against clickjacking in
`modern browsers`_.
Browsers that support ``X-Frame-Options``
-----------------------------------------
* Internet Explorer 8+
* Edge
* Firefox 3.6.9+
* Opera 10.5+
* Safari 4+
* Chrome 4.1+
See also
--------
A `complete list`_ of browsers supporting ``X-Frame-Options``.
.. _complete list: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options#browser_compatibility
.. _other clickjacking prevention techniques: https://en.wikipedia.org/wiki/Clickjacking#Prevention
.. _modern browsers: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options#browser_compatibility