how to do Employing defensive code in the UI to ensure that the current frame is the most top level window

C
<system.webServer>
  ...
  <httpProtocol>
    <customHeaders>
      <add name="X-Frame-Options" value="SAMEORIGIN" />
    </customHeaders>
  </httpProtocol>
  ...
</system.webServer>Protected Sub Application_BeginRequest(sender As [Object], e As EventArgs)
  Response.Headers.Remove("X-Frame-Options")
  Response.AddHeader("X-Frame-Options", "DENY")
 End Sub
Source

Also in C: