Adobe® ColdFusion® 10 Server Lockdown Guide
6.11 Adding ClickJacking Protection

ColdFusion 10 includes two new Servlet filters, CFClickJackFilterDeny and CFClickJackFilterSameOrigin. When a URL is mapped to one of these filters, the response carries an X-Frame-Options HTTP header with a value of DENY or SAMEORIGIN respectively, which tells the browser not to render the page inside a frame (or only inside frames from the same origin). Add a filter-mapping in web.xml to enable one of these filters for a given URI; the same header could also be set at the web server level.
6.12 Security Constraints in web.xml

The servlet container (Tomcat) can enforce certain security constraints to ensure that a given URI is secured, or to limit certain URIs to HTTP POST over a secure (SSL) connection. The first constraint below requires TLS (transport-guarantee CONFIDENTIAL) for POST requests under /post/*; the second blocks the other listed methods for the same path with an empty auth-constraint, which grants access to no role at all:

```xml
<!-- web.xml fragment. The extracted page kept only the element values;
     the element tags are restored from the standard Servlet deployment-descriptor schema. -->
<security-constraint>
  <display-name>POST SSL</display-name>
  <web-resource-collection>
    <web-resource-name>POST ONLY SSL</web-resource-name>
    <url-pattern>/post/*</url-pattern>
    <http-method>POST</http-method>
  </web-resource-collection>
  <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint>

<security-constraint>
  <display-name>POST ONLY</display-name>
  <web-resource-collection>
    <web-resource-name>BLOCK NOT POST</web-resource-name>
    <url-pattern>/post/*</url-pattern>
    <http-method>GET</http-method>
    <http-method>HEAD</http-method>
    <http-method>PUT</http-method>
    <http-method>DELETE</http-method>
    <http-method>TRACE</http-method>
  </web-resource-collection>
  <!-- empty auth-constraint: no role is permitted, so the listed methods get HTTP 403 -->
  <auth-constraint/>
</security-constraint>
```
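To see what the two constraints above actually enforce, the following added example (not part of the lockdown guide) parses a constructed web.xml containing them and reports, for a given method, path and scheme, whether Tomcat would allow the request, deny it with 403, or redirect it to HTTPS. It models only url-pattern matching, auth-constraint and transport-guarantee; the sample web.xml is embedded inline.

```python
"""Offline evaluator for web.xml <security-constraint> rules (added example)."""
import xml.etree.ElementTree as ET

# Constructed sample: the two constraints from section 6.12 wrapped in a <web-app> root.
WEB_XML = """<web-app>
<security-constraint><display-name>POST SSL</display-name>
  <web-resource-collection><web-resource-name>POST ONLY SSL</web-resource-name>
    <url-pattern>/post/*</url-pattern><http-method>POST</http-method>
  </web-resource-collection>
  <user-data-constraint><transport-guarantee>CONFIDENTIAL</transport-guarantee></user-data-constraint>
</security-constraint>
<security-constraint><display-name>POST ONLY</display-name>
  <web-resource-collection><web-resource-name>BLOCK NOT POST</web-resource-name>
    <url-pattern>/post/*</url-pattern>
    <http-method>GET</http-method><http-method>HEAD</http-method><http-method>PUT</http-method>
    <http-method>DELETE</http-method><http-method>TRACE</http-method>
  </web-resource-collection>
  <auth-constraint/>
</security-constraint>
</web-app>"""

def pattern_matches(pattern, path):
    """Servlet url-pattern forms: path prefix '/x/*', extension '*.ext', or exact match."""
    if pattern.endswith("/*"):
        prefix = pattern[:-2]
        return path == prefix or path.startswith(prefix + "/")
    if pattern.startswith("*."):
        return path.endswith(pattern[1:])
    return path == pattern

def evaluate(web_xml, method, path, https):
    """Return 'allow', 'deny' (empty <auth-constraint/> -> HTTP 403), 'auth-required'
    (auth-constraint names roles) or 'require-tls' (CONFIDENTIAL over plain HTTP ->
    Tomcat redirects to HTTPS). Methods not listed in any matching collection are unconstrained."""
    verdict = "allow"
    for sc in ET.fromstring(web_xml).findall("security-constraint"):
        for coll in sc.findall("web-resource-collection"):
            methods = [m.text.strip() for m in coll.findall("http-method")]
            if methods and method not in methods:   # no <http-method> element means every method
                continue
            if not any(pattern_matches(p.text.strip(), path) for p in coll.findall("url-pattern")):
                continue
            auth = sc.find("auth-constraint")
            if auth is not None:
                return "deny" if auth.find("role-name") is None else "auth-required"
            guarantee = sc.find("user-data-constraint/transport-guarantee")
            if guarantee is not None and guarantee.text.strip() != "NONE" and not https:
                verdict = "require-tls"
    return verdict
```

Note that a method absent from the deny list, such as OPTIONS, is still allowed under /post/*, so list every method you intend to block.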