swo0sh_gt_13163
Aug 30, 2015Altostratus
Clickjacking protection using X-FRAME-OPTIONS: ALLOW-FROM URI
Hello Folks,
Can anyone help by sharing a snippet of iRule by inserting XFRAME-OPTIONS:ALLOW-FROM (single / multiple URI)?
The requirement is to allow certain Frames from different applications hosted within the same environment. Since X-FRAME-OPIONS:Allow-from supports only 1 URI, can we create any iRule to embed multiple URI for "Allow-from" header?
Perhaps using String based Data group, and call that Data group within an iRule, and verify if the URI is part of the Data group?
Thank you mates! Cheers!