I’m looking to secure a web application against clickjacking attacks, where an attacker might try to overlay an invisible iframe to trick users into clicking hidden elements. I’m aware that JavaScript has certain detection capabilities, and I'd like to know what techniques can be used directly in JavaScript to detect and prevent these attacks. Are there reliable ways to prevent framing altogether or detect when a page is being framed?
Any advice on specific methods, such as setting headers or JavaScript checks, would be helpful.