Over a million developers have joined DZone.

Grails Plugin: Servlet Filter to Add X-Frame-Options Response Header

DZone's Guide to

Grails Plugin: Servlet Filter to Add X-Frame-Options Response Header

· Java Zone ·
Free Resource

The CMS developers love. Open Source, API-first and Enterprise-grade. Try BloomReach CMS for free.

The Grails plugin X-Frame-Options adds a new servlet filter to our Grails application. The servlet filter adds a response header. The response header name is X-Frame-Options and is used to defend against clickjacking. If we set the value to DENY our Grails application cannot be loaded inside aniframe. The value SAMEORIGIN allows only pages on the same site to include the application inside an iframe. We can also set the header valueALLOW-FROM {origin} to allow only pages on the {oring} website can include the application with an iframe. The plugin allows to set these values through configuration options in our grails-app/conf/Config.groovy file.

The code is hosted on GitHub and also contains the documentation.

BloomReach CMS: the API-first CMS of the future. Open-source & enterprise-grade. - As a Java developer, you will feel at home using Maven builds and your favorite IDE (e.g. Eclipse or IntelliJ) and continuous integration server (e.g. Jenkins). Manage your Java objects using Spring Framework, write your templates in JSP or Freemarker. Try for free.


Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}