What is Clickjacking ❓ Definition and Prevention techniques

What precisely is clickjacking, and how does it work?

Types of clickjacking

A simple example of clickjacking

<head>
<style>
/* The target frame is stacked on top (z-index 2) but almost fully transparent. */
#target_website {position:relative;width:128px;height:128px;opacity:0.00001;z-index:2;}
/* The visible decoy content sits underneath (z-index 1). */
#decoy_website {position:absolute;width:300px;height:400px;z-index:1;}
</style>
</head>
...
<body>
<div id="decoy_website">
...bait web content here...
</div>
<iframe id="target_website" src="https://defenseless-website.com">
</iframe>
</body>

How can I prevent clickjacking?

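<!-- Frame-busting script served by the protected page: if the page is framed, it navigates the top window to itself. -->
<script> if (top != window) { top.location = window.location; } </script>
<!-- A framing page can register this handler to interrupt that navigation, so the script above is not reliable on its own. -->
<script> window.onbeforeunload = function() { return false; }; </script>
<!-- A sandbox without allow-top-navigation also stops the framed page's script from changing top.location. -->
<iframe id="decoy_webpage" src="https://pantomime-website.com" sandbox="allow-scripts allow-forms allow-same-origin"> </iframe>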
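
The snippets above depend on script running inside the framed page. As an added example (not code from the original article), the following goes beyond them and checks the browser-enforced framing controls, the `Content-Security-Policy` `frame-ancestors` directive and the `X-Frame-Options` header, on a response. The function names, verdict strings and sample headers are assumptions made for this illustration.

```javascript
// Added example, not from the original article. Verdict names are illustrative.
const RANK = ["unprotected", "allowlist", "same-origin", "deny"]; // weakest to strictest

// Collect the frame-ancestors source list of every policy in one CSP header value.
function frameAncestorLists(csp) {
  const lists = [];
  for (const policy of csp.split(",")) { // each comma-separated policy is enforced
    for (const directive of policy.split(";")) {
      const [name, ...sources] = directive.trim().toLowerCase().split(/\s+/);
      if (name === "frame-ancestors") { lists.push(sources); break; } // first occurrence wins
    }
  }
  return lists;
}

function classifySources(sources) {
  if (sources.every((s) => s === "'none'")) return "deny"; // also covers an empty list
  if (sources.every((s) => s === "'self'")) return "same-origin";
  if (sources.some((s) => ["*", "http:", "https:"].includes(s))) return "unprotected";
  return "allowlist";
}

// headers: plain object mapping response header names to values.
function framingPolicy(headers) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = String(v);

  const lists = frameAncestorLists(h["content-security-policy"] || "");
  if (lists.length > 0) {
    // An enforced frame-ancestors makes browsers ignore X-Frame-Options, and a
    // frame must satisfy every policy, so the strictest list is reported.
    return lists.map(classifySources)
      .reduce((a, b) => (RANK.indexOf(b) > RANK.indexOf(a) ? b : a));
  }
  const xfo = (h["x-frame-options"] || "").trim().toUpperCase();
  if (xfo === "DENY") return "deny";
  if (xfo === "SAMEORIGIN") return "same-origin";
  return "unprotected"; // absent, obsolete ALLOW-FROM, or unrecognized value
}
```

A verdict of "unprotected" means the response can be framed by any origin; note that a permissive `frame-ancestors *` yields this result even when `X-Frame-Options: DENY` is also sent.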
