Ignore X-Frame-Options Header 的评价
Ignore X-Frame-Options Header 作者: ThomazPom
Firefox 用户 15957100 的评价
评分 5 / 5
来自 Firefox 用户 15957100,3 年前57 条评价
- 评分 5 / 5来自 Alex z,3 个月前
- 评分 5 / 5来自 reigggg,3 个月前Works for me and nothing bad in the source code, basically removes "content-security-policy" and "x-frame-options" from headers. Thanks!
- 评分 5 / 5来自 KaffeeTrinker,4 个月前
- 评分 5 / 5来自 Ratheesh Pai,9 个月前
- 评分 5 / 5来自 kyuubicle,1 年前
- 评分 5 / 5来自 AV,1 年前
- 评分 5 / 5来自 KDV,2 年前This extension's functionality definitely IS A MUST for browser core!!!
how that could happen they still haven't implemented it..? - 评分 5 / 5来自 GDPlayer,2 年前
- 评分 5 / 5来自 GavinB,2 年前
- 评分 4 / 5来自 Firefox 用户 14913472,2 年前
- 评分 4 / 5来自 ModZero,2 年前Well, it's a solid extension that does what it says on the tin - unfortunately it's no longer enough, apparently. For example I tried to use it to enable previews of Twitter pages in pinboard.in's organize mode - and sure, the view itself loads, but it's broken, because other requests and scripts fail in ways I'm not motivated enough to investigate.
The web has changed. The header itself is incredibly useful - click jacking was a scourge, and sometimes really is. But the approach has its downsides. - 评分 1 / 5来自 Jonathin,3 年前Simply doesn't work. I tried to use it in a HTML file with Google.com, and it still output the same frame is "denied by X-Frame-Options directive set to SAMEORIGIN“.
- 评分 5 / 5来自 Maurice,3 年前Very clever. I am writing a web page that used to pop a new window with a framebusting web site. With this extension I can now put it in an iframe next to related data.
Quick question: Can I test in Javascript if this extension is installed, so if is not, do the legacy popout? - 评分 5 / 5来自 Firefox 用户 16848195,4 年前
- 评分 5 / 5来自 Realife_Brahmin,4 年前Worked for me for paying my Netflix subscription.
Edit: Thanks a lot for the warning! I've disabled the 'Ignore X frame' from the extension's menu by default and would only enable it when I'm sure that I'm paying via the correct website.开发者回应
发布于 4 年前Please care that when you disable x frame option you are exposed to « clickjacking » as it is designed to protect you from
Always ensure you realy are on netflix.com in the address bar when you type your personal and credit card informations or they may be stolen .
https://owasp.org/www-project-web-security-testing-guide/v41/4-Web_Application_Security_Testing/11-Client_Side_Testing/images/Clickjacking_description.png
Regards - 评分 5 / 5来自 Kobayashi,4 年前
- 评分 5 / 5来自 will,4 年前
- 评分 5 / 5来自 Alejandro,4 年前