1. X-Frame-Options

    To prevent browsers from embedding your web pages inside other web pages use the X-Frame-Options HTTP response header.