Monday, November 30, 2015

Html.AntiForgeryToken() automatically adds HTTP response header X-Frame-Options

Just a note that using @Html.AntiForgeryToken() in MVC will automatically send the X-Frame-Options: SAMEORIGIN http response header.

0 comments: