mirror of
https://github.com/django/django.git
synced 2024-12-22 09:05:43 +00:00
Removed outdated note about limitations in Clickjacking protection.
There is no need to list old browser versions or point users to workarounds.
This commit is contained in:
parent
55a2e3136b
commit
f302343380
@ -116,24 +116,7 @@ a decorator overrides the middleware.
|
||||
Limitations
|
||||
===========
|
||||
|
||||
The ``X-Frame-Options`` header will only protect against clickjacking in a
|
||||
modern browser. Older browsers will quietly ignore the header and need `other
|
||||
clickjacking prevention techniques`_.
|
||||
The ``X-Frame-Options`` header will only protect against clickjacking in
|
||||
`modern browsers`_.
|
||||
|
||||
Browsers that support ``X-Frame-Options``
|
||||
-----------------------------------------
|
||||
|
||||
* Internet Explorer 8+
|
||||
* Edge
|
||||
* Firefox 3.6.9+
|
||||
* Opera 10.5+
|
||||
* Safari 4+
|
||||
* Chrome 4.1+
|
||||
|
||||
See also
|
||||
--------
|
||||
|
||||
A `complete list`_ of browsers supporting ``X-Frame-Options``.
|
||||
|
||||
.. _complete list: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options#browser_compatibility
|
||||
.. _other clickjacking prevention techniques: https://en.wikipedia.org/wiki/Clickjacking#Prevention
|
||||
.. _modern browsers: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options#browser_compatibility
|
||||
|
Loading…
Reference in New Issue
Block a user