odoo11-addon-web-clickjack-protection 11.0.1.0.0.99.dev2

Protects Odoo instancess from possible Clickjacking attacks

Clickjacking is a technique by which a malicious party embeds your website in an <iframe>, then hovers buttons over it to make the user think he is clicking on your site when in fact he is communicating with the parent frame.

Clickjacking can be prevented on the webserver side by adding headers, but there are ways around this. This module prevents clickjacking more thoroughly by making it impossible for your site to be embedded. It does so by adding a small “framebreaker” Javascript which creates a CSS style element on the fly to hide the body of the current page by default. Then, if it doesn’t detect a parent frame, it removes it again.

Table of contents

• Bug Tracker

• Credits

  • Authors

  • Contributors

  • Maintainers

Bug Tracker

Bugs are tracked on GitHub Issues. In case of trouble, please check there if your issue has already been reported. If you spotted it first, help us to smash it by providing a detailed and welcomed feedback.

Do not contact contributors directly about support or help with technical issues.

Credits

Authors

• Sunflower IT

Contributors

• Tom Blauwendraat <tom@sunflowerweb.nl>

• Kevin Kamau <kevin@sunflowerweb.nl>

Maintainers

This module is maintained by the OCA.

OCA, or the Odoo Community Association, is a nonprofit organization whose mission is to support the collaborative development of Odoo features and promote its widespread use.

This module is part of the OCA/web project on GitHub.

You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.