Clickjacking Protection
Hackers use iframes to capture clicks for their own purposes. By enabling the x-frame-options headers for your site, iframes will be disabled and the risk of clickjacking will be mitigated. If you rely on iframes, you can specify specific URLs or allow that the page can only be displayed in an iframe by someone on the same origin.