Community
Products
Confluence
Questions
X-Frame-Options header, need eng support for it, Vitaly Osipov told me to make ticket

X-Frame-Options header, need eng support for it, Vitaly Osipov told me to make ticket

"Michael,Please create a support request at http://support.atlassian.comand asupport engineer will help you make the modifications for theX-Frame-Options header. You can mention me in the issue, that I amaware of it." Vitaly Osiprov.My email michael.mulder@faa.govwork 609 485 6739 (in East Coast USA time) cell 856 982 4056

3 answers

0 votes

Firstly, please retrieve the files from inside your Confluence installation folder - the directory into which the Confluence application files and libraries have been unpacked (unzipped) when Confluence was installed:

confluence/WEB-INF/web.xml

Under this portion of the document retrieved:

&lt;!-- Uncomment the following to disable the space export long running task. --&gt;

    &lt;!--

        &lt;context-param&gt;

            &lt;param-name&gt;unsupportedContainersForExportLongRunningTask&lt;/param-name&gt;

            &lt;param-value&gt;websphere,jboss&lt;/param-value&gt;

        &lt;/context-param&gt;

    --&gt;

Add the following:

&lt;filter&gt;

        &lt;filter-name&gt;ClickjackFilterSameOrigin&lt;/filter-name&gt;

        &lt;filter-class&gt;org.owasp.filters.ClickjackFilter&lt;/filter-class&gt;

        &lt;init-param&gt;

            &lt;param-name&gt;mode&lt;/param-name&gt;

            &lt;param-value&gt;SAMEORIGIN&lt;/param-value&gt;

        &lt;/init-param&gt;

    &lt;/filter&gt;

also add this:

&lt;filter-mapping&gt;

        &lt;filter-name&gt;ClickjackFilterSameOrigin&lt;/filter-name&gt;

        &lt;url-pattern&gt;/*&lt;/url-pattern&gt;

    &lt;/filter-mapping&gt;

Save the files and put into confluence/WEB-INF/classes

Note that this fix is specific to Firefox, each web browser can use different WebKit versions, and even providers, in order to address with other browser vendor, please refer to the browser specific content, as this page for IE.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Where do you put the filter mapping section? Does it go right underneath the filter section we just added? Also, do you save the web.xml file in the the confluence/WEB-INF/classes and confluence/WEB-INF (where it originally was)?

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

0 votes

His fix seem to work on Firefox most versions, and New IE9 and Chrome 34 as I had HTML

code to check for clickjacking and the login page wasn't loading in Chromw 34, IE9 and Firefox(most versions).

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

0 votes

His fix seem to work on Firefox most versions, and New IE9 and Chrome 34 as I had HTML

code to check for clickjacking and the login page wasn't loading in Chromw 34, IE9 and Firefox(most versions).

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Suggest an answer

Confluence

Products

Interests

Groups

Community resources

Support

X-Frame-Options header, need eng support for it, Vitaly Osipov told me to make ticket

3 answers

Suggest an answer

Avinoam Zelenko

Try out the new editing experience

Atlassian User Groups

Find my local user group

Groups near you

Ask a question

Start a discussion

Products

Interests

Groups

Community resources

Support

X-Frame-Options header, need eng support for it, Vitaly Osipov told me to make ticket

3 answers

Suggest an answer

Avinoam Zelenko

Try out the new editing experience

Atlassian User Groups

Find my local user group

Groups near you