Hi guys.
We have a costumer that wanna make an upgrade of he Jira Instance.
But, we got a problem in this process, they use somekind of Scanner (PCI Scan) in their Network to check system threats and this scanner is acusing a problem of "Possible Clickjacking vulnerability" so, the recommended solution is to set the meta information X-Frame-Options in several pages to avoid the inclusion of external pages (i.e address that isn't in the same Jira's domain) in Jira Gadgets.
I Would like some help since i have made this change on '/secure/ViewKeyboardShortcuts!default.jspa' and the generated HTML code in Browser doesn't correspond to this changes.
There are some other location that i should make this changes?
Jira 4.4.5
Community moderators have prevented the ability to post new answers.
I'm also encountering this problem. When I add the header script on httpd.conf file, no one can login on JIRA. Any thoughts?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.