reorder comments
This commit is contained in:
parent
113c20a819
commit
c50169f5a4
|
@ -3,14 +3,15 @@ require 'rack/protection'
|
|||
module Rack
|
||||
module Protection
|
||||
##
|
||||
# Sets X-Frame-Options header to tell the browser avoid embedding the page
|
||||
# in a frame.
|
||||
#
|
||||
# Prevented attack:: Clickjacking
|
||||
# Supported browsers:: Internet Explorer 8, Firefox 3.6.9, Opera 10.50,
|
||||
# Safari 4.0, Chrome 4.1.249.1042 and later
|
||||
#
|
||||
# Sets X-Frame-Options header to tell the browser avoid embedding the page
|
||||
# in a frame.
|
||||
#
|
||||
# Options:
|
||||
#
|
||||
# frame_options:: Defines who should be allowed to embed the page in a
|
||||
# frame. Use :deny to forbid any embedding, :sameorigin
|
||||
# to allow embedding from the same origin (default).
|
||||
|
|
|
@ -3,11 +3,11 @@ require 'rack/protection'
|
|||
module Rack
|
||||
module Protection
|
||||
##
|
||||
# Sets X-XSS-Protection header to tell the browser to block attacks.
|
||||
#
|
||||
# Prevented attack:: Non-permanent XSS
|
||||
# Supported browsers:: Internet Explorer 8 and later
|
||||
#
|
||||
# Sets X-XSS-Protection header to tell the browser to block attacks.
|
||||
#
|
||||
# Options:
|
||||
# xss_mode:: How the browser should prevent the attack (default: :block)
|
||||
class XSSHeader < Base
|
||||
|
|
Loading…
Reference in New Issue