x-frame-options in IdP
IAM David Bantz
dabantz at alaska.edu
Wed Aug 17 19:02:21 UTC 2022
A well know service provider (Kaltura, aka MediaSpace) is deploying a
revised integration and has asked/told us to “remove" the default IdP
setting x-frame-options=DENY. I do not have deep understanding of the
issue, but it seems an unnecessary/unwarranted reduction in the IdP’s
security posture. Have others encountered similar request and if so, what
are you doing in response?
David St Pierre Bantz
U Alaska IAM
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20220817/c808c065/attachment.htm>
More information about the users
mailing list