From 926b33510102bc98838a743d932821af728389ad Mon Sep 17 00:00:00 2001 From: harshgMSFT Date: Mon, 28 Apr 2014 11:13:07 -0700 Subject: [PATCH] Fix for Issue #319 --- src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryWorker.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryWorker.cs b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryWorker.cs index d3fc6a302b..c110a7152a 100644 --- a/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryWorker.cs +++ b/src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryWorker.cs @@ -115,7 +115,7 @@ namespace Microsoft.AspNet.Mvc // Adding X-Frame-Options header to prevent ClickJacking. See // http://tools.ietf.org/html/draft-ietf-websec-x-frame-options-10 // for more information. - httpContext.Response.Headers.Add("X-Frame-Options", new[] { "SAMEORIGIN" }); + httpContext.Response.Headers.Set("X-Frame-Options", "SAMEORIGIN"); } //