<h1 class="title">Web Clickjack Protection</h1> <p><a class="reference external" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external" href="https://github.com/OCA/web/tree/13.0/web_clickjack_protection"><img alt="OCA/web" src="https://img.shields.io/badge/github-OCA%2Fweb-lightgray.png?logo=github" /></a> <a class="reference external" href="https://translation.odoo-community.org/projects/web-13-0/web-13-0-web_clickjack_protection"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external" href="https://runbot.odoo-community.org/runbot/162/13.0"><img alt="Try me on Runbot" src="https://img.shields.io/badge/runbot-Try%20me-875A7B.png" /></a></p> <p>Clickjacking is a technique by which a malicious party embeds your website in an &lt;iframe&gt;, then hovers buttons over it to make the user think he is clicking on your site when in fact he is communicating with the parent frame.</p> <p>Clickjacking can be prevented on the webserver side by adding headers, but there are <a class="reference external" href="https://github.com/niutech/x-frame-bypass">ways around this</a>. This module prevents clickjacking more thoroughly by making it impossible for your site to be embedded. It does so by adding a small &quot;framebreaker&quot; Javascript which creates a CSS style element on the fly to hide the body of the current page by default. Then, if it doesn't detect a parent frame, it removes it again.</p> <p><strong>Table of contents</strong></p> <div class="contents local topic" id="contents"> <ul class="simple"> <li><a class="reference internal" href="#bug-tracker" id="id1">Bug Tracker</a></li> <li><a class="reference internal" href="#credits" id="id2">Credits</a><ul> <li><a class="reference internal" href="#authors" id="id3">Authors</a></li> <li><a class="reference internal" href="#contributors" id="id4">Contributors</a></li> <li><a class="reference internal" href="#maintainers" id="id5">Maintainers</a></li> </ul> </li> </ul> </div> <a name="bug-tracker"></a> <h2><a class="toc-backref" href="#id1">Bug Tracker</a></h2> <p>Bugs are tracked on <a class="reference external" href="https://github.com/OCA/web/issues">GitHub Issues</a>. In case of trouble, please check there if your issue has already been reported. If you spotted it first, help us smashing it by providing a detailed and welcomed <a class="reference external" href="https://github.com/OCA/web/issues/new?body=module:%20web_clickjack_protection%0Aversion:%2013.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**">feedback</a>.</p> <p>Do not contact contributors directly about support or help with technical issues.</p> <a name="credits"></a> <h2><a class="toc-backref" href="#id2">Credits</a></h2> <a name="authors"></a> <h3><a class="toc-backref" href="#id3">Authors</a></h3> <ul class="simple"> <li>Sunflower IT</li> </ul> <a name="contributors"></a> <h3><a class="toc-backref" href="#id4">Contributors</a></h3> <ul class="simple"> <li>Tom Blauwendraat &lt;<a class="reference external" href="mailto:tom&#64;sunflowerweb.nl">tom&#64;sunflowerweb.nl</a>&gt;</li> <li>Kevin Kamau &lt;<a class="reference external" href="mailto:kevin&#64;sunflowerweb.nl">kevin&#64;sunflowerweb.nl</a>&gt;</li> </ul> <a name="maintainers"></a> <h3><a class="toc-backref" href="#id5">Maintainers</a></h3> <p>This module is maintained by the OCA.</p> <a class="reference external image-reference" href="https://odoo-community.org"><img alt="Odoo Community Association" src="https://odoo-community.org/logo.png" /></a> <p>OCA, or the Odoo Community Association, is a nonprofit organization whose mission is to support the collaborative development of Odoo features and promote its widespread use.</p> <p>This module is part of the <a class="reference external" href="https://github.com/OCA/web/tree/13.0/web_clickjack_protection">OCA/web</a> project on GitHub.</p> <p>You are welcome to contribute. To learn how please visit <a class="reference external" href="https://odoo-community.org/page/Contribute">https://odoo-community.org/page/Contribute</a>.</p>