2.6.5 Clickjacking/Frame-bursting

This topic describes about Clickjacking/Frame-bursting.

Oracle JET handles clickjacking/Frame-bursting attack. Oracle Banking Accounts uses the X-Frame-Options HTTP response header to indicate whether or not a browser should be allowed to render a page in a <frame> or <iframe>. This is used to avoid Clickjacking attacks, by ensuring that the content is not embedded into other sites.