I am contacted by a developper because my Revive installation mywebsite /www/admin/index.php is vulnerable to clickjacking.
I am told to do this :
set a correct value to the HTTP header X-Frame-Options https://developer.mozilla.org/fr/docs/HTTP/Headers/Content-Security-Policy
set a correct value to the HTTP header Content-Security-Policy https://developer.mozilla.org/fr/docs/HTTP/Headers/X-Frame-Options
implement a frame breakder https://www.thesitewizard.com/archive/framebreak.shtml
What's your opinion ?