X frame options header not set

Bug Reports
Log in to reply
  • J

    Hey guys. The first thing I usually check with node apps is whether or not the frame options are set. I don't understand why Express doesn't make this a default.
    At least for signed in users this should definitely be the case, because stealing someones info is a piece of cake this way.

    Other than that, thanks for making this software. If you guys keep it up, I'm sure this can have a bit of an impact on the node eco-system!

    2
  • psychobunny
    Admin

    thanks @Jet 🙂
    We'll look into this - if you have any issues feel free to report on our bug tracker

    0
  • julian
    GNU/Linux Admin

    Thanks @jet, we've added the issue to our tracker.

    0
  • H

    Hey guys. The first thing I usually check with node apps is whether or not the frame options are set. I don't understand why Express doesn't make this a default.
    At least for signed in users this should definitely be the case, because stealing someones info is a piece of cake this way.

    Other than that, thanks for making this software. If you guys keep it up, I'm sure this can have a bit of an impact on the node eco-system!

    0

Suggested Topics

| |
Copyright © 2021 NodeBB | Contributors