Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
duskwuff
on Jan 23, 2014
|
parent
|
context
|
favorite
| on:
HTTP Security headers you should be using
> X-Frame-Options is fine, since modern ads use JS and not IFRAMEs.
Also because X-Frame-Options restricts what can frame
you
, not what you can load in frames.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
Also because X-Frame-Options restricts what can frame you, not what you can load in frames.