Burp Suite User Forum

Create new post

Reporting of Frameable Response (Potential Clickjacking)

Karthik | Last updated: Aug 19, 2015 07:05AM UTC

I scanned 30+ URLs using burp suite tool. 4 URLs were reported for Frameable Response (Potential Clickjacking) While all the URLs that were scanned missed the X-Frame-Options header, why only 4 URLs were flagged for this ?

PortSwigger Agent | Last updated: Aug 19, 2015 09:55AM UTC

The logic for this check also requires: - a non-redirection response - HTML content - some links within the HTML page

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.