Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

X-Frame-Options header, need eng support for it, Vitaly Osipov told me to make ticket

Michael Mulder
Michael Mulder April 15, 2014
"Michael,Please create a support request at http://support.atlassian.comand asupport engineer will help you make the modifications for theX-Frame-Options header. You can mention me in the issue, that I amaware of it." Vitaly Osiprov.My email michael.mulder@faa.govwork 609 485 6739 (in East Coast USA time) cell 856 982 4056
Answer
Watch
Like Be the first to like this
706 views

3 answers

0 votes
Michael Mulder
Michael Mulder May 1, 2014

His fix seem to work on Firefox most versions, and New IE9 and Chrome 34 as I had HTML

code to check for clickjacking and the login page wasn't loading in Chromw 34, IE9 and Firefox(most versions).

Reply
0 votes
Michael Mulder
Michael Mulder May 1, 2014

His fix seem to work on Firefox most versions, and New IE9 and Chrome 34 as I had HTML

code to check for clickjacking and the login page wasn't loading in Chromw 34, IE9 and Firefox(most versions).

Reply
0 votes
Guilherme Nedel
Guilherme Nedel [Atlassian]
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 15, 2014

Firstly, please retrieve the files from inside your Confluence installation folder - the directory into which the Confluence application files and libraries have been unpacked (unzipped) when Confluence was installed:

confluence/WEB-INF/web.xml

Under this portion of the document retrieved:

<!-- Uncomment the following to disable the space export long running task. -->

    <!--

        <context-param>

            <param-name>unsupportedContainersForExportLongRunningTask</param-name>

            <param-value>websphere,jboss</param-value>

        </context-param>

    -->


 


Add the following:


 


<filter>

        <filter-name>ClickjackFilterSameOrigin</filter-name>

        <filter-class>org.owasp.filters.ClickjackFilter</filter-class>

        <init-param>

            <param-name>mode</param-name>

            <param-value>SAMEORIGIN</param-value>

        </init-param>

    </filter>


 


 


also add this:


<filter-mapping>

        <filter-name>ClickjackFilterSameOrigin</filter-name>

        <url-pattern>/*</url-pattern>

    </filter-mapping>


 


 


Save the files and put into confluence/WEB-INF/classes



Note that this fix is specific to Firefox, each web browser can use different WebKit versions, and even providers, in order to address with other browser vendor, please refer to the browser specific content, as this page for IE.


 


 

					
				
			
			
			
				
			
			
			
			
			
			
		

		
		
	

	
	


	

		
	
	


		

	

		

			
		

	



		

	
				

			

			
 

		

	
				
				
			

		

	

	

	



	

	


	

	
	
	
		

			

	
		

			

			
	

	

		


	

	
				View More Comments
			

	

	


		

	

	
		

	       	
	 

	
		
	

	       	
		

	



        


              



	

	

	 
	
	
	 
	
	

	

	

	
		

			

			
	

	

		


	

	
		

			

				
					
		

			
 

			

				

					

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

			

	

		

			

	
		
			
		
			

 
   
 
 Deleted user  October 9, 2014         
 

		
	
	


		

	

		

			

	
		
			

		

	
		

			
				
					
					
						
Where do you put the filter mapping section? Does it go right underneath the filter section we just added?  Also, do you save the web.xml file in the the confluence/WEB-INF/classes and confluence/WEB-INF (where it originally was)?

					
				
			
			
			
				
			
			
			
			
			
			
		

		
		
	

	
	


	

		
	
	


		

	

		

			
		

	



		

	
				

			

			
 

		

	
				
				
			

		

	

	

	



	

	


	

	
	
	

	
		

	       	
	 

	
		
	

	       	
		

	



  Like         
              


    

      Reply
    

      
 
  
    
  




  




 
Suggest an answer
 
 Log in or Sign up to answer 
 
  
		
			

		
			

		
	
	


		

			

	
		
			
		
			
		
			

   
 Confluence 
  
 Confluence 
  
 
TAGS
 
     
  


		
			

		
			
  
 
 
 
 AUG Leaders 
 
 
 
Atlassian Community Events
 
 
 
 
 
     
     See all events