Explorer II

Question

DOM-based extension clickjacking - 1Password browser extension

Forum|Forum|9 months ago
August 23, 2025
3 replies
917 views

Hi Everyone.

I was looking for this problem involving the "1Password browser extension".

Is there a function/method for Forticlient/FortiEMS protected endpoint to catch or block this kind of "Clickjacking"?

Thanks in advance.

Max

FortiClient

Anthony_E

Staff

Hello Max,

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

Thanks,

Best Regards

Jean-Philippe_P

Staff & Editor

Hello,

We are still looking for an answer to your question.

We will come back to you ASAP.

Thanks,

Jean-Philippe - Fortinet Community Team

Jean-Philippe_P

Staff & Editor

Hello again ianomax,

I found this solution. Can you tell me if it helps, please?

FortiClient and FortiClient EMS provide several features that can help protect against clickjacking attacks:

Web Filtering: FortiClient's web filtering function monitors web browser activities and enforces web security policies. This can help block access to malicious websites that may be involved in clickjacking.
Application Firewall: The application firewall in FortiClient can monitor, allow, or block application traffic by categories, which can prevent the use of unwanted applications that might be used in clickjacking attacks.
Endpoint Protection: FortiClient offers endpoint protection features, including anti-malware and vulnerability detection, which can help protect against various types of cyberattacks, including clickjacking.
Content Security Policy (CSP) and X-Frame-Options: While not specific to FortiClient, implementing CSP and X-Frame-Options in web applications can prevent clickjacking by controlling how content is embedded in frames.

These features, combined with employee education and awareness, can help mitigate the risk of clickjacking attacks on protected endpoints.

Jean-Philippe - Fortinet Community Team

ianomaxAuthor

Explorer II

Dear Jean-Philippe,

thank you for your answer.

The features are interesting ... however these options should be configured and tested. At present I'm looking for a basic configuration in order to test this kind of risk.

Max

Jean-Philippe_P

Staff & Editor

Hello again ianomax,

I found that answer:

To test and configure basic protection against clickjacking risks using FortiClient and FortiClient EMS, follow these steps:

Web Filtering Configuration:
- Access the FortiClient EMS console.
- Navigate to the Web Filtering section.
- Enable web filtering and configure it to block known malicious sites and categories that may host clickjacking attacks.
Application Firewall:
- In the EMS console, go to the Application Firewall settings.
- Enable the application firewall and set rules to control application traffic, focusing on blocking unauthorized or suspicious applications.
Endpoint Protection:
- Ensure that endpoint protection is enabled on all devices.
- Regularly update the anti-malware definitions to detect and block the latest threats.
Content Security Policy (CSP) and X-Frame-Options:
- For web applications, implement CSP and X-Frame-Options headers to prevent unauthorized content embedding.
- This can be configured on the web server hosting the application.
Testing:
- After configuration, conduct tests using known clickjacking test sites to ensure the protections are effective.
- Monitor logs and alerts in the EMS console to verify that the configurations are working as intended.
Employee Education: Educate employees about the risks of clickjacking and safe browsing practices.

By following these steps, you can set up a basic configuration to test and mitigate clickjacking risks on your network.

Jean-Philippe - Fortinet Community Team

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded