class Rack::Protection::FrameOptions

to allow embedding from the same origin (default). frame. Use :deny to forbid any embedding, :sameorigin frame_options

Defines who should be allowed to embed the page in a Options: in a frame. Sets X-Frame-Options header to tell the browser avoid embedding the page More infos

developer.mozilla.org/en/The_X-FRAME-OPTIONS_response_header<br>Safari 4.0, Chrome 4.1.249.1042 and later Supported browsers

Internet Explorer 8, Firefox 3.6.9, Opera 10.50, Prevented attack: Clickjacking
#

def header

def header
  { 'X-Frame-Options' => options[:frame_options].to_s }
end

Modules

Classes

class Rack::Protection::FrameOptions

def header

Namespace

Parent class

Instance Methods

Defined in