RFC 7034 · INFORMATIONAL · 2013
SUN · 14 JUN 2026
HTTP Header Field X-Frame-Options
Overview
RFC 7034, “HTTP Header Field X-Frame-Options”, is an Informational document published in October 2013 by D. Ross, T. Gondrom. The canonical text is published by the RFC Editor.
Abstract
To improve the protection of web applications against clickjacking, this document describes the X-Frame-Options HTTP header field, which declares a policy, communicated from the server to the client browser, regarding whether the browser may display the transmitted content in frames that are part of other web pages.
What “Informational” means
Published for the general information of the community. It does not define an IETF standard and carries no standards-track status.
Read this RFC
The canonical text of RFC 7034 is hosted at rfc-editor.org. Available in TXT,HTML.
Other RFCs from 2013
- RFC 7033 WebFinger
- RFC 7035 Relative Location Representation
- RFC 7032 LDP Downstream-on-Demand in Seamless MPLS
- RFC 7036 Object Identifier Registry for the Long-Term Archive and Notary Services Working Group
- RFC 7031 DHCPv6 Failover Requirements
- RFC 7037 RADIUS Option for the DHCPv6 Relay Agent
- RFC 7030 Enrollment over Secure Transport
- RFC 7038 Use of OSPF-MDR in Single-Hop Broadcast Networks