x-frame-options Directives (3 total)
- allow-from
- deny
- sameorigin
X-Frame-Options is an obsolete header to instruct the browser to allow rendering a page within a frame or iframe. The header is used to enable the Clickjacking protection.
Websites using header x-frame-options | 1,768,672 |
Percentage of websites that use x-frame-options header | 15.18% |
Total discovered header values | 4,776 |
Header uses directives | Yes |
Header values are unique or random | No |
Most popular in the country | ![]() |
Directive | Share | Websites count | Unique Values |
---|---|---|---|
sameorigin | 66.87% | 1,182,757 | 6 |
deny | 12.27% | 216,932 | 1 |
allow-from | <0.1% | 198 | 69 |
Top 10k sites | 4,400 websites |
Top 100k sites | 20,728 websites |
Top 1m sites | 178,525 websites |
Domain | Country | Rank | Contacts |
---|---|---|---|
|
![]() |
2 | |
|
![]() |
3 | |
|
![]() |
4 | |
|
![]() |
4 | |
|
![]() |
5 | |
|
![]() |
5 |
Header value | Value prevalence |
---|---|
SAMEORIGIN | 83.09% |
DENY | 14.97% |
ALLOWALL | 0.59% |
SAMEORIGIN, SAMEORIGIN | 0.28% |
GOFORIT | 0.14% |
ALLOW-FROM https://app.kajabi.com | 0.08% |
ALLOW | 0.04% |
* | 0.03% |
SAMEORIGIN,SAMEORIGIN | 0.02% |
ALLOW-FROM * | 0.02% |
SAMEORIGIN; ALLOW-FROM 'studio.auswaertiges-amt.de'; ALLOW-FROM 'www.auswaertiges-amt.de'; | 0.02% |
SAMEORIGIN, ALLOW-FROM *.cas.cn | 0.01% |
SAMEORIGIN, SAMEORIGIN, SAMEORIGIN, SAMEORIGIN | 0.01% |
DENY, sameorigin | 0.01% |
ALLOW-FROM https://my.cratejoy.com | 0.01% |
allow-from https://engine.prosites.com/ | 0.01% |
ALLOW-FROM dashboard.pixieset.com | 0.01% |
SAMEORIGIN, SAMEORIGIN, SAMEORIGIN | 0.01% |
SAME-ORIGIN | 0.01% |
ALLOW-FROM https://www.lodgify.com/ | 0.01% |