Y
Hacker News
new
|
ask
|
show
|
jobs
by
sunflowerdeath
4100 days ago
But this is a response header, so server shoud respond and that is the goal of attack. Browser doesn't send any request headers saying that site is opened in the iframe.
1 comments
sanqui
4100 days ago
Sure, but at least the browser won't render the page, so it won't download the additional content like images and scripts. It's partial mitigation.
link