Bypassing x-frame-options
2 min readFeb 2, 2018
What exactly is X-Frame-Options ?
From the official Mozilla Developer docs:
The
X-Frame-Options
HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a<frame>
,<iframe>
or<object>
. Sites can use this to avoid clickjacking attacks, by ensuring that their content is not embedded into other sites.