SameOrigin

Preventing clickjacking via iframes with X-Frame-Options SAMEORIGIN

If you want to prevent browsers from rendering your content in an iframe, for example to disallow embedding your page as an iframe on foreign pages, you can use the X-Frame-Options response header. With the value SAMEORIGIN, pages of the same origin may still frame the content.

For example, in Apache using mod_headers:


Header append X-Frame-Options SAMEORIGIN
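
An added example, not part of the original note: `Header append` merges with any X-Frame-Options value the backend application already sent, so it is worth checking what the browser actually receives. The Python check below classifies the header(s) of a response, modelled on the X-Frame-Options processing in the HTML Standard; the function name and the sample headers are constructed for illustration.

```python
"""Classify the effective X-Frame-Options policy of an HTTP response.

Does not look at CSP frame-ancestors, which takes precedence when present.
"""

KNOWN = {"deny", "sameorigin", "allowall"}


def effective_xfo(headers):
    """headers: list of (name, value) pairs as received on the wire.

    Returns one of:
      "deny"        framing is blocked everywhere
      "sameorigin"  framing is allowed only from the same origin
      "conflict"    several different values, at least one known:
                    browsers block framing everywhere, same origin included
      "ineffective" header missing or not understood: no protection
    """
    tokens = set()
    for name, value in headers:
        if name.strip().lower() != "x-frame-options":
            continue
        # Repeated header lines and comma-joined values are equivalent.
        for part in value.split(","):
            part = part.strip().lower()
            if part:
                tokens.add(part)

    if not tokens:
        return "ineffective"
    if len(tokens) > 1:
        return "conflict" if tokens & KNOWN else "ineffective"
    (only,) = tokens
    if only in ("deny", "sameorigin"):
        return only
    return "ineffective"  # "allowall", obsolete "allow-from ...", typos


# Constructed sample responses.
SAMPLES = {
    "Apache only": [("X-Frame-Options", "SAMEORIGIN")],
    "app sent DENY, Apache appended": [("X-Frame-Options", "DENY, SAMEORIGIN")],
    "app sent SAMEORIGIN, Apache appended": [("X-Frame-Options", "SAMEORIGIN, SAMEORIGIN")],
    "obsolete ALLOW-FROM": [("X-Frame-Options", "ALLOW-FROM https://partner.example")],
    "header missing": [("Content-Type", "text/html")],
}

if __name__ == "__main__":
    for label, hdrs in SAMPLES.items():
        print(f"{label:40s} -> {effective_xfo(hdrs)}")
```

If the check reports a conflict, using `Header set` instead of `Header append` makes Apache replace an existing value rather than merge with it.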