none
https response header for anticlick jacking in TMG2010 Sp2

    Question

  • Hello, 

    The company I am doing some work for needs to implement a http response header "X-Frame-Options" "SAMORIGIN" on our published websites via TMG. 

    Now I have researched it and found some previous questions asked here, but they all seem to point to "https://tmgblog.richardhicks.com/2009/03/27/using-the-isa-http-filter-to-modify-via-headers-and-prevent-information-disclosure/"

    But when I go here and look, its not very intuitive and I am left confused on how to implement the above change. 

    if someone could describe a plain english version, and how to use this function inside TMG to control the "X-Frame-Otions" header, that would be great. 

    Regards,

    Andy


    Sunday, June 26, 2016 9:20 PM

All replies