X-Frame-Options
Tests the 'X-Frame-Options' header which prevents sites from being displayed inside an iframe.
This test will look for the presence of the 'X-Frame-Options' header and make sure it has a value of either SAMEORIGIN
or DENY
. If the header is missing or has a different value, a warning will be displayed.
This HTTP response header is used to prevent the page from being loaded inside of an iframe. A server can use this to protect against certain attacks and to prevent their content from being embedded in other websites.
For more information, please read our documentation of the X-Frame-Option Header or read our in-depth article about Security Headers.
Ready to validate your website for this test and 100+ others?