Anti-Clickjacking prevention when using iFrame

For security reason we recommend to configure your iFrame setting to protect your MashZone NextGen installation against clickjacking attacks.

Clickjacking is a vulnerability where an attacker creates a page that uses iFrame to render another page, then creates invisible controls on top of the rendered page that may be able to sniff user input.

General information on the clickjacking attack vector can be found on https://www.owasp.org/index.php/Clickjacking.

MashZone NextGen prevents clickjacking attacks by using the Content-Security-Policy that is supported by most web browsers. Details on how to use iFrame with MashZone NextGen can be found in Configure MashZone NextGen server to work with iFrame.