X-Frame-Options HTTP header
- OTHERAn HTTP header which indicates whether the browser should allow the webpage to be displayed in a frame within another webpage. Used as a defense against clickjacking attacks.
Chrome
- ﹖ 4 - 25: Support unknown
- ◐ 26 - 134: Partial support
- ◐ 135: Partial support
- ◐ 136 - 138: Partial support
Edge
- ✅ 12 - 18: Supported
- ◐ 79 - 134: Partial support
- ◐ 135: Partial support
Safari
- ﹖ 3.1 - 5: Support unknown
- ◐ 5.1 - 18.3: Partial support
- ◐ 18.4: Partial support
- ◐ 18.5 - TP: Partial support
Firefox
- ﹖ 2 - 3.6: Support unknown
- ◐ 4 - 17: Partial support
- ✅ 18 - 69: Supported
- ◐ 70 - 136: Partial support
- ◐ 137: Partial support
- ◐ 138 - 140: Partial support
Opera
- ﹖ 9 - 11.5: Support unknown
- ◐ 11.6 - 116: Partial support
- ◐ 117: Partial support
IE
- ❌ 5.5 - 7: Not supported
- ✅ 8 - 10: Supported
- ✅ 11: Supported
Chrome for Android
- ◐ 135: Partial support
Safari on iOS
- ﹖ 3.2 - 6.1: Support unknown
- ◐ 7 - 18.3: Partial support
- ◐ 18.4: Partial support
- ◐ 18.5: Partial support
Samsung Internet
- ◐ 4 - 26: Partial support
- ◐ 27: Partial support
Opera Mini
- ❌ all: Not supported
Opera Mobile
- ﹖ 10 - 12: Support unknown
- ◐ 12.1: Partial support
- ◐ 80: Partial support
UC Browser for Android
- ◐ 15.5: Partial support
Android Browser
- ﹖ 2.1 - 3: Support unknown
- ◐ 4 - 4.4.4: Partial support
- ◐ 135: Partial support
Firefox for Android
- ◐ 137: Partial support
QQ Browser
- ◐ 14.9: Partial support
Baidu Browser
- ◐ 13.52: Partial support
KaiOS Browser
- ✅ 2.5: Supported
- ◐ 3: Partial support
Partial support refers to not supporting the ALLOW-FROM option.
The X-Frame-Options header has been obsoleted by the frame-ancestors directive from Content Security Policy Level 2.