Since being introduced by Robert Hansen and Jeremiah Grossman in 2008 , the Web attacks which are summarized under the term "Clickjacking" have received considerable attention. In consequence, server-driven countermeasures, namely framebusting  and the X-frames option header  have been developed and deployed. However, these currently available countermeasures fall short in non-trivial situations. All currently utilized techniques have in common, that they rely on the prevention of framing. This is problematic, as there a numerous situations, in which sites have to enable other sites to frame their content (e.g., mash-up components or Web widgets). Furthermore, Hunag & Jackson  have demonstrated that similar attacks can also be conducted using pop-under windows. Also, Zalewski did the same using an attack vector based on page-navigation .
 Robert Hansen, Jeremiah Grossman, “Clickjacking,” Dec. 2008. [Online].
 G. Rydstedt, E. Bursztein, D. Boneh, and C. Jackson, “Busting frame busting: a study of clickjacking vulnerabilities at popular sites,” in in IEEE Oakland Web 2.0 Security and Privacy (W2SP 2010), 2010.
 Mozilla Corporation, “The X-Frame-Options response header”, 2010. [Online].
 Lin-Shung Huang and Collin Jackson, "Clickjacking Attacks Unresolved", 2011, [Online].
 Michael Zalewski, "X-Frame-Options is worth less than you think", 2011, [Online].