Clickjacking

Posted By : Bipul Kumar Tiwari,

The vulnerability exists due to lack of x-frame options in the response headers. In clickjacking attack, an invisible/transparent iframe of the legitimate website browsed by the victim is placed on some other web page which is controlled by the attacker.

In simple word Frame sniffing is an attack technique that takes advantage of browser functionality to steal data from a website.

How to check Clickjacking happen in site:


Create simple web page and write the below code. In IFram tag write you site URL.



How to fix Clickjacking:

Option 1:

To fix clickjacking , configure IIS to add an X-Frame-Options header to all responses for a given site, follow these steps:




Option 2:

In Global.asax.cs


Related Articles

 

About the Author

author
Its me BIPUL who is logically minded creative at heart , a good communicator , a self taught full stack developer. I constantly focuses on my thinking , reading , collecting and creating my work in a order to enhance my skills.

I discover new dimensions for growing bussiness with a proven record in creating database and programming. I have a strong technical skills as well as strong interpersonal skills. Read more...
 

Browse By Category

Popular Articles