X-Frame-Options - Chrome Platform Status

Feature: X-Frame-Options

The X-Frame-Options HTTP header field protects pages against clickjacking attacks by allowing sites to opt-out of being embedded in cross-origin (or any) contexts.

Specification

Specification link

Status: Final published standard: Recommendation, Living Standard, Candidate Recommendation, or similar final form

Status in Chromium

Blink components: Blink

Implementation status: Enabled by default

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

Firefox: Shipped/Shipping
Safari: Shipped/Shipping
Web Developers: Positive

Owner

mkwst@chromium.org

Last updated on 2020-11-09