1 article with this tag
Clickjacking layers your real site invisibly over an attacker's page so the user performs an unintended action (transfer, settings change, consent). The real defense is refusing to be framed — CSP frame-ancestors plus X-Frame-Options.