Hello friends, today we are going to learn Click-Jacking prevention in PHP. Click-Jacking is a technique by which a user is tricked into clicking on something different from what the user perceives, which can then reveal confidential information or let an attacker take control of their computer. In PHP we can prevent Click-Jacking with the HTTP header X-Frame-Options, by setting it to “SAMEORIGIN” either in the .htaccess file or with the header() function in PHP.
.htaccess file
Header append X-FRAME-OPTIONS "SAMEORIGIN"
If we put this code in the .htaccess file, then no page of our website can be loaded in a <frame>, <iframe> or <object> tag outside of our own website.
In PHP file
<?php
header('X-Frame-Options:SAMEORIGIN');

//Other PHP Code Goes Here
If we put this code in a PHP file, then that specific file cannot be loaded in a <frame>, <iframe> or <object> tag outside of our own website, but every other file that does not have this code will still be accessible that way.
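The gap described above (files that do not send the header stay frameable) can be checked from the response headers of each page. The following PHP code is an added example, not part of the original post: the function name xfo_status, the page names and the sample header lines are constructed for illustration, and the header lines have the shape returned by PHP's get_headers().

```php
<?php
// Classify a page's framing protection from its response header lines.
function xfo_status(array $headerLines): string
{
    $values = [];
    foreach ($headerLines as $line) {
        // Split "Name: value"; the status line ("HTTP/1.1 200 OK") has no colon and is skipped.
        $parts = explode(':', $line, 2);
        if (count($parts) !== 2) {
            continue;
        }
        // Header names are case-insensitive (X-FRAME-OPTIONS equals X-Frame-Options).
        if (strtolower(trim($parts[0])) !== 'x-frame-options') {
            continue;
        }
        // One header can carry a comma-separated list, for example when
        // "Header append" merges its value onto a header PHP already sent.
        foreach (explode(',', $parts[1]) as $v) {
            $v = strtoupper(trim($v));
            if ($v !== '') {
                $values[$v] = true; // keys act as a set, so duplicates collapse
            }
        }
    }
    if ($values === []) {
        return 'missing';      // page can be framed by any site
    }
    if (count($values) > 1) {
        return 'conflicting';  // more than one distinct value: review the configuration
    }
    $value = array_key_first($values);
    return in_array($value, ['SAMEORIGIN', 'DENY'], true)
        ? strtolower($value)
        : 'unrecognized';
}

// Constructed sample responses: page1.php calls header(), page2.php does not,
// page3.php received two different values from two places.
$responses = [
    'page1.php' => ['HTTP/1.1 200 OK', 'Content-Type: text/html', 'X-Frame-Options:SAMEORIGIN'],
    'page2.php' => ['HTTP/1.1 200 OK', 'Content-Type: text/html'],
    'page3.php' => ['HTTP/1.1 200 OK', 'x-frame-options: SAMEORIGIN, DENY'],
];
foreach ($responses as $page => $lines) {
    echo $page, ': ', xfo_status($lines), PHP_EOL;
}
```

Any page reported as missing is one that neither the .htaccess rule nor a header() call covers.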
Thank you, friends.
Please don’t forget to share if you like it.