In order to tackle clickJacking and blocking my site to be opened by iframe

Question

0

Asked: June 7, 20262026-06-07T10:03:44+00:00 2026-06-07T10:03:44+00:00

In order to tackle clickJacking and blocking my site to be opened by iframe

0

In order to tackle clickJacking and blocking my site to be opened by iframe I have created a servlet filter in which I am adding below line to add “X-FRAME-OPTIONS” response header. But when I run page and see response headers of that page I never get this header in there. Any Idea why?

public void doFilter(
        ServletRequest request, ServletResponse response, FilterChain chain
        ) throws IOException, ServletException
    {

        HttpServletResponse res = (HttpServletResponse)response;
        chain.doFilter(request, response);

        //Specify the mode
        res.addHeader("X-FRAME-OPTIONS", "DENY");
    }

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-07T10:03:46+00:00

Editorial Team

2026-06-07T10:03:46+00:00Added an answer on June 7, 2026 at 10:03 am

You need to add the header before calling doFilter. By the time control returns from doFilter the headers and body have already been sent, so your addHeader is ignored.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

In order to tackle clickJacking and blocking my site to be opened by iframe

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply