Clickjacking Defense Cheat Sheet is focused on providing guidance on Clickjacking attack prevention.
The most popular way to defend against Clickjacking is to include some sort of “frame-breaking” functionality which prevents other web pages from framing the site you wish to defend. This cheat sheet will discuss two methods of implementing frame-breaking: first is X-Frame-Options headers (used if the browser supports the functionality); and second is javascript frame-breaking code.
Download: w_owas02.pdf – mirror
