The IESG has received a request from the Web Security WG (websec) to consider the following document: - 'HTTP Header Field X-Frame-Options' <draft-ietf-websec-x-frame-options-07.txt> as Informational RFC The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2013-08-12. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract To improve the protection of web applications against Clickjacking, this specification describes the X-Frame-Options HTTP response header field that declares a policy communicated from the server to the client browser on whether the browser may display the transmitted content in frames that are part of other web pages. This informational document serves to document the existing use and specification of this X-Frame-Options HTTP response header field. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-websec-x-frame-options/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-websec-x-frame-options/ballot/ No IPR declarations have been submitted directly on this I-D.
