Telerik Forums
This is a migrated thread and some comments may be shown as answers.

Uploader does not under IE when X-FRAME-OPTIONS = DENY header is set

2 Answers 136 Views
Upload
This is a migrated thread and some comments may be shown as answers.
This question is locked. New answers and comments are not allowed.
Sebastian S
Top achievements
Rank 1
Sebastian S asked on 02 Nov 2011, 11:41 PM
I've been experimenting with solutions for potential click-jacking issues. One suggested solution was to send a 'X-FRAME-OPTIONS' = 'DENY' in the response headers. This works fine with Firefox and Chrome but breaks on IE.

Is there a work around for IE for this?

Cheers,
Sebastian

2 Answers, 1 is accepted

Sort by
0
Accepted
T. Tsonev
Telerik team
answered on 03 Nov 2011, 10:22 AM
Hello Sebastian,

The Upload uses an IFRAME in IE, due to the lack of a File API. Therefore, using DENY won't work, but using SAMEORIGIN should work.

I hope this helps.

Best regards,
Tsvetomir Tsonev
the Telerik team
If you want to get updates on new releases, tips and tricks and sneak peeks at our product labs directly from the developers working on the Telerik Extensions for ASP.MET MVC, subscribe to their blog feed now
0
Sebastian S
Top achievements
Rank 1
answered on 03 Nov 2011, 09:35 PM
Thanks Dude!
Tags
Upload
Asked by
Sebastian S
Top achievements
Rank 1
Answers by
T. Tsonev
Telerik team
Sebastian S
Top achievements
Rank 1
Share this question
or