Security team asked if you can submit your concern to our responsible disclosure program here:
On the server side we do use CSP to prevent clickjacking. You can read about it here:
Thank you!
Related topics
| Topic | Replies | Views | Activity | |
|---|---|---|---|---|
| Clickjacking via iframes | 5 | 4600 | August 29, 2019 | |
| Helmet Content Security Policy error for React Express app on Azure | 3 | 10343 | October 16, 2020 | |
| Clickjacking Protection in Classic Universal Login! | 2 | 8738 | September 3, 2019 | |
| Do Auth0 has a policy for using custom scripts in hosted login page from customer's CDNs? | 2 | 3951 | March 2, 2018 | |
| Connection to https://<my account>/oauth/token is blocked | 4 | 3813 | October 28, 2020 |