aganist＆QUOT保护我的ASP.net MVC3网站，点击劫持＆QUOT; [英] Securing my ASP.net MVC3 Website aganist "Click jacking"

查看：193 发布时间：2016/7/7 10:07:06 visual-studio-2010 asp.net-mvc-3

本文介绍了aganist＆QUOT保护我的ASP.net MVC3网站，点击劫持＆QUOT;的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

最近，我是通过所面临的一些网站的安全问题翻转。幸运的是遇到了一个新名词点击劫持

Recently I was flipping through some security issues faced by websites. Fortunately come across a new term "Click jacking"

我了解，这种攻击只发生，如果我的网站是在iframe装载。

I understood that this attack happens only if my website is loadable in an IFrame.

进一步调查有助于了解，设置X-帧选项，以拒绝prevent网站中的IFrame加载

Further investigation helped to know that setting "x-frame-options" to "DENY" prevent the website been loaded in IFrame

但我不知道如何实现这个，因为我很新的这个领域？

But I Don't know how to implement this as I am very new to this domain?

在您的Global.asax您可以添加以下

In your Global.asax you can add the following

protected void Application_BeginRequest(object sender, EventArgs e)
{
    HttpContext.Current.Response.AddHeader("x-frame-options", "SAMEORIGIN");
}

这篇关于aganist＆QUOT保护我的ASP.net MVC3网站，点击劫持＆QUOT;的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！

查看全文

aganist＆QUOT保护我的ASP.net MVC3网站，点击劫持＆QUOT; [英] Securing my ASP.net MVC3 Website aganist &quot;Click jacking&quot;