X-Frame-Options not detected correctly

  • Resolved ale5000

    (@ale5000)


    7 years, 6 months ago

    I have another plugin that set X-Frame-Options, but it set it in lowercase (x-frame-options) and so I get:

    Security Header: X-Frame-Options
We did not find the recommended security header for ClickJacking Protection on your site.

    They should be checked in a case-insensitive way.

Viewing 3 replies - 1 through 3 (of 3 total)

  • Yes, they [SiteCheck] should check it in lowercase too.

    I will pass this to my co-workers, they are the ones who maintain that service.

    Thank you.

    Thread Starter ale5000

    (@ale5000)

    @yorman
    Hi,
    it seems the problem still persist.

    Best regards,
    ale5000

    @ale5000 — thank you for the notice.

    I don’t have control over the development process in the SiteCheck project, so there is not much I can do besides filling an internal bug report (which I already did when you posted this ticket a week ago). I will talk to them again today, maybe the bug was already patched (internally) but hasn’t been pushed live, and the reasons for this are unknown to me, some times they are working on something else and need to finish the QA testing before executing a deployment.

    Please ignore the warning for now, you already included that security header and that is enough. I will try to get the patch pushed live in the next couple of weeks. Thank you for your patience.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘X-Frame-Options not detected correctly’ is closed to new replies.