x-frame-options Directives (3 total)
- allow-from
- deny
- sameorigin
X-Frame-Options is an obsolete header to instruct the browser to allow rendering a page within a frame or iframe. The header is used to enable the Clickjacking protection.
Websites using header x-frame-options | 1,774,347 |
Percentage of websites that use x-frame-options header | 16.54% |
Total discovered header values | 4,786 |
Header uses directives | Yes |
Header values are unique or random | No |
Most popular in the country | ![]() |
Directive | Share | Websites count | Unique Values |
---|---|---|---|
sameorigin | 75.32% | 1,336,391 | 6 |
deny | 13.69% | 242,904 | 1 |
allow-from | <0.1% | 253 | 79 |
|
Top 10k sites | 4,418 websites |
Top 100k sites | 20,961 websites |
Top 1m sites | 180,888 websites |
Domain | Country | Rank | Contacts |
---|---|---|---|
|
![]() |
2 | |
|
![]() |
3 | |
|
![]() |
4 | |
|
![]() |
4 | |
|
![]() |
5 | |
|
![]() |
5 |
Header value | Value prevalence |
---|---|
SAMEORIGIN | 83.26% |
DENY | 14.85% |
ALLOWALL | 0.54% |
SAMEORIGIN, SAMEORIGIN | 0.28% |
GOFORIT | 0.13% |
ALLOW-FROM https://app.kajabi.com | 0.08% |
ALLOW | 0.04% |
* | 0.02% |
SAMEORIGIN,SAMEORIGIN | 0.02% |
: sameorigin | 0.02% |
ALLOW-FROM * | 0.02% |
SAMEORIGIN; ALLOW-FROM 'studio.auswaertiges-amt.de'; ALLOW-FROM 'www.auswaertiges-amt.de'; | 0.02% |
SAMEORIGIN, ALLOW-FROM *.cas.cn | 0.01% |
DENY, SAMEORIGIN | 0.01% |
SAMEORIGIN, SAMEORIGIN, SAMEORIGIN, SAMEORIGIN | 0.01% |
ALLOW-FROM https://my.cratejoy.com | 0.01% |
SAME-ORIGIN | 0.01% |
allow-from https://engine.prosites.com/ | 0.01% |
SAMEORIGIN, SAMEORIGIN, SAMEORIGIN | 0.01% |
ALLOW-FROM https://www.lodgify.com/ | 0.01% |