mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-03-09 17:02:43 +00:00
Code Issues 32 Releases Wiki Activity

[5.0.x] Removed outdated note about limitations in Clickjacking protection.

Browse Source 
There is no need to list old browser versions or point users to
workarounds.
Backport of f302343380c77e1eb5dab3b64dd70895a95926ca from main.
This commit is contained in:
Mariusz Felisiak 2024-07-04 23:08:19 +02:00 committed by Natalia
parent 0602fc2124
commit 43aa0c103b
1 changed files with 3 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
docs/ref/clickjacking.txt
View File

@ -126,24 +126,7 @@ a decorator overrides the middleware.
Limitations Limitations
=========== ===========
The ``X-Frame-Options`` header will only protect against clickjacking in a The ``X-Frame-Options`` header will only protect against clickjacking in
modern browser. Older browsers will quietly ignore the header and need `other `modern browsers`_.
clickjacking prevention techniques`_.
Browsers that support ``X-Frame-Options`` .. _modern browsers: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options#browser_compatibility
-----------------------------------------
* Internet Explorer 8+
* Edge
* Firefox 3.6.9+
* Opera 10.5+
* Safari 4+
* Chrome 4.1+
See also
--------
A `complete list`_ of browsers supporting ``X-Frame-Options``.
.. _complete list: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options#browser_compatibility
.. _other clickjacking prevention techniques: https://en.wikipedia.org/wiki/Clickjacking#Prevention