Burp community forum

Reporting of Frameable Response (Potential Clickjacking)

Karthik | Last updated: Aug 19, 2015 07:05AM UTC

I scanned 30+ URLs using burp suite tool. 4 URLs were reported for Frameable Response (Potential Clickjacking) While all the URLs that were scanned missed the X-Frame-Options header, why only 4 URLs were flagged for this ?

PortSwigger Agent | Last updated: Aug 19, 2015 09:55AM UTC

The logic for this check also requires: - a non-redirection response - HTML content - some links within the HTML page

You need to Log in to post a reply. Or register here, for free.