Recently i tried to load youtube website in an iframe, but i checked that it's not worked. i used this simple code.
<!DOCTYPE html>
<html>
<head>
<title></title>
</head>
<body>
<iframe width="1000px" height="700px" src="http://www.youtube.com" ></iframe>
</body>
</html>
i want to know , why my webpage can't load youtube website in iframe..
what code i use to load the youtube website in my webpage.
how i use same techniq in my website, so no one can add my website in iframe.
This answer was written in 2013 and documents a DEPRECATED header. See other answers for a modern equivalent.
For browsers of 2013, a X-Frame-Options
HTTP header needs to be used. It can be implemented through web server configuration settings.
You can view the X-Frame-Options
in Header as in the image below,
Reference: https://www.keycdn.com/blog/x-frame-options/
If your browser does not support it, then you will have NO clickjacking defense in place and can use HTTP Header Field X-Frame-Options,
<meta http-equiv="X-Frame-Options" content="deny">
There are three possible values for X-Frame-Options:
DENY - The page cannot be displayed in a frame, regardless of the site attempting to do so.
SAMEORIGIN - The page can only be displayed in a frame on the same origin as the page itself.
ALLOW-FROM uri - The page can only be displayed in a frame on the specified origin.