Activity log for bug #863904

| Date | Who | What changed | Old value | New value | Message |
| --- | --- | --- | --- | --- | --- |
| 2011-10-01 08:56:58 | François Marier | bug | | | added bug |
| 2011-10-01 10:07:16 | François Marier | description | To prevent ClickJacking, we should set the X-Frame-Options to Deny for everything that returns HTML: https://wiki.mozilla.org/WebAppSec/Secure_Coding_Guidelines#Preventing_Malicious_Site_Framing_.28ClickJacking.29 We'll need to make sure we don't set it on the dynamic resizer / resolver though. | To prevent ClickJacking, we should set the X-Frame-Options to Deny for everything that returns HTML: https://wiki.mozilla.org/WebAppSec/Secure_Coding_Guidelines#Preventing_Malicious_Site_Framing_.28ClickJacking.29 https://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx We'll need to make sure we don't set it on the dynamic resizer / resolver though. | |
| 2011-10-01 10:11:24 | François Marier | libravatar: status | Confirmed | Fix Committed | |
| 2011-10-01 10:30:09 | François Marier | libravatar: status | Fix Committed | Fix Released | |
| 2012-05-30 00:52:35 | François Marier | libravatar: status | Fix Released | Confirmed | |
| 2012-07-18 03:54:35 | François Marier | libravatar: status | Confirmed | Fix Committed | |
| 2012-07-24 06:57:40 | François Marier | libravatar: status | Fix Committed | Fix Released | |