F5 iRule to Protect Against Clickjacking Attacks Using X-FRAME-OPTIONS

Secure Against Clickjacking Attacks with X-Frame-Options Using an F5 iRule

There are several ways to add the X-Frame-Options header to your web applications. However, deploying it through the F5 load balancer is probably the easiest.

Working at the edge of the network with an F5 iRule gives you the advantage of being able to implement changes quickly.

That's right: no need to restart services, so no downtime.

There are three settings for X-Frame-Options:

  • SAMEORIGIN: This setting allows the page to be rendered in a frame on the same origin as the page itself.
  • DENY: This setting prevents the page from being displayed in a frame or iframe.
  • ALLOW-FROM uri: This setting allows the page to be rendered in a frame only on the specified origin.

To implement in an F5 iRule

  • Create an iRule with the following:

    when HTTP_RESPONSE {
        # Add the anti-framing header to every HTTP response
        HTTP::header insert "X-FRAME-OPTIONS" "SAMEORIGIN"
    }

  • Associate this iRule with the appropriate virtual server

Verify

Use the browser's built-in developer tools to examine the response headers, or check online using an HTTP header checking tool.

You see, it's three lines that do the job!
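The verification step can also be scripted. The following is an added example, not part of the original post or of F5's tooling: it audits a captured response header block and flags a missing header, a mistyped value, and the case where the header appears more than once (for instance when the backend application already sets it and the iRule inserts a second copy). The function names and sample responses are constructed for illustration.

```python
# Added example: audit X-Frame-Options in a captured HTTP response head.
VALID = {"DENY", "SAMEORIGIN"}

def xfo_values(raw_headers):
    """Collect every X-Frame-Options value from a raw HTTP response head."""
    values = []
    for line in raw_headers.splitlines()[1:]:      # skip the status line
        if not line.strip():
            break                                  # blank line ends the headers
        name, sep, value = line.partition(":")
        # Header names are case-insensitive, so X-FRAME-OPTIONS matches too.
        if sep and name.strip().lower() == "x-frame-options":
            # One header line can carry a comma-joined list of values.
            values += [v.strip().upper() for v in value.split(",") if v.strip()]
    return values

def audit_xfo(raw_headers):
    """Return ok, missing, duplicate, conflict, allow-from or invalid."""
    values = xfo_values(raw_headers)
    if not values:
        return "missing"        # page can be framed by any site
    if len(set(values)) > 1:
        return "conflict"       # e.g. backend says DENY, iRule adds SAMEORIGIN
    if values[0].startswith("ALLOW-FROM"):
        return "allow-from"     # not honoured by current browsers
    if values[0] not in VALID:
        return "invalid"        # typo such as "SAME ORIGIN"
    return "duplicate" if len(values) > 1 else "ok"

# Constructed sample responses (not captured from a real server).
HEAD = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n"
SAMPLES = {
    "irule only": HEAD + "X-FRAME-OPTIONS: SAMEORIGIN\r\n\r\n",
    "no header": HEAD + "\r\n",
    "backend+irule": HEAD + "X-Frame-Options: SAMEORIGIN\r\n"
                            "X-FRAME-OPTIONS: SAMEORIGIN\r\n\r\n",
    "mismatch": HEAD + "X-Frame-Options: DENY\r\n"
                       "X-FRAME-OPTIONS: SAMEORIGIN\r\n\r\n",
    "typo": HEAD + "X-FRAME-OPTIONS: SAME ORIGIN\r\n\r\n",
    "allow-from": HEAD + "X-Frame-Options: ALLOW-FROM https://partner.example\r\n\r\n",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(f"{label:14} -> {audit_xfo(raw)}")
```

To check a live virtual server, save the response head (for example the output of `curl -sI`) and pass the text to `audit_xfo`.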
