Over a million developers have joined DZone.

Grails Plugin: Servlet Filter to Add X-Frame-Options Response Header

· Java Zone

Check out this 8-step guide to see how you can increase your productivity by skipping slow application redeploys and by implementing application profiling, as you code! Brought to you in partnership with ZeroTurnaround.

The Grails plugin X-Frame-Options adds a new servlet filter to our Grails application. The servlet filter adds a response header. The response header name is X-Frame-Options and is used to defend against clickjacking. If we set the value to DENY our Grails application cannot be loaded inside aniframe. The value SAMEORIGIN allows only pages on the same site to include the application inside an iframe. We can also set the header valueALLOW-FROM {origin} to allow only pages on the {oring} website can include the application with an iframe. The plugin allows to set these values through configuration options in our grails-app/conf/Config.groovy file.

The code is hosted on GitHub and also contains the documentation.

The Java Zone is brought to you in partnership with ZeroTurnaround. Check out this 8-step guide to see how you can increase your productivity by skipping slow application redeploys and by implementing application profiling, as you code!

Topics:

Published at DZone with permission of Hubert Klein Ikkink, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

The best of DZone straight to your inbox.

SEE AN EXAMPLE
Please provide a valid email address.

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.
Subscribe

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}