User Interface (UI) redress vulnerability (clickjacking) detected.
- Rule ID: php_symfony_ui_redress
- Languages: php
- Source: ui_redress.yml
Using unsanitized user input to set X-Frame-Options or Content-Security-Policy HTTP headers puts your application at risk for UI redress attacks (clickjacking).
✅ Prefer the most secure values when setting these headers
$response->headers->set("Content-Security-Policy", "frame-ancestors 'none'");
OWASP Top 10
To skip this rule during a scan, use the following flag
bearer scan /path/to/your-project/ --skip-rule=php_symfony_ui_redress
To run only this rule during a scan, use the following flag
bearer scan /path/to/your-project/ --only-rule=php_symfony_ui_redress
Ready to take the next step? Learn more about Bearer Cloud.