Creating secure frames in a cross domain

I need to create an iframe on a page at www.siteone.com. The iframe src will be like www.parentsite.com/formone.html. I hope that X-Frame-Options can be used to limit other websites from using the parentsite form at www.parentsite.com.

Now my problem is that I need to create forms at parentsite.com for some other custom websites. In such cases, I cannot provide them with the direct URL www.parentsite.com/formxxx.html. So I have to go for URL shortening or some other safe method to limit the use of the form from other sites. How can I safely create URLs? One method is to create hash codes (e.g., public keys / private keys) along with URLs to prevent attacks from other sites.

But is this the only safe method? What other methods can we implement to prevent attacks like clickjacking in my case?

Note: User sites will be provided with a JavaScript function to create iframes on their sites.

+4
1 answer

You can keep a dictionary of valid domains. When the request comes to your form, you check that the request's referrer is on your whitelist. If it is, you serve the response; if not, you serve a message warning that the request is not allowed.

+1
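A sketch of the referrer allowlist check described in the answer above, added here as an example and not part of the original post. The allowlist contents and the function names are assumptions; the response also sets the CSP `frame-ancestors` directive so the browser enforces the same origin restriction even when the Referer header is absent or unreliable.

```javascript
// Added example: ALLOWED_EMBEDDERS, refererOrigin and decideFormResponse are
// hypothetical names, and the allowlist entry is constructed sample data.
const ALLOWED_EMBEDDERS = new Map([
  // embedding origin -> the one form path that origin may embed
  ["https://www.siteone.com", "/formone.html"],
]);

// Reduce a Referer header to its origin; null when missing or malformed.
function refererOrigin(referer) {
  if (typeof referer !== "string" || referer === "") return null;
  try {
    return new URL(referer).origin;
  } catch {
    return null;
  }
}

// headers: request headers with lowercased names (as Node's http module gives them).
function decideFormResponse(path, headers) {
  const origin = refererOrigin(headers["referer"]);
  // Exact origin comparison: substring or prefix matching would also accept
  // lookalike hosts such as www.siteone.com.attacker.example.
  if (origin === null || ALLOWED_EMBEDDERS.get(origin) !== path) {
    return {
      status: 403,
      headers: {
        "Content-Security-Policy": "frame-ancestors 'none'",
        "X-Frame-Options": "DENY",
      },
      body: "This site is not allowed to embed this form.",
    };
  }
  return {
    status: 200,
    // Browser-enforced: only the allowlisted origin may frame this response.
    headers: { "Content-Security-Policy": `frame-ancestors ${origin}` },
    body: "<form><!-- form markup goes here --></form>",
  };
}
```
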

Source: https://habr.com/ru/post/1497741/

