Last Modified: Oct 06, 2020
See more info
Known Affected Versions:
11.6.1, 11.6.0, 11.5.0
Opened: Jan 27, 2014
Related AskF5 Article: K01102767
Page with X-Frame-Options response header is rendered in <frame>, <iframe> or <object> tag. While it should not be rendered, because the header instruct browser blocks it.
If X-Frame-Options header is ignored, then some clickjacking attacks can be possible.
Page with X-Frame-Options response header in <frame> <iframe> or <object> tag.
This issue has no workaround at this time.