I have an web app that I want to embed on different websites. However, I don't want the embed to be available to all the domains. So lets say http://mysite1.com, and http://mysite2.com embeds my website, thats fine, and I want the operations to go smoothly. However, if http://foreignsite.com embeds the same page, the process will not work. Is this possible?
Note: I am using iFrames for the embedding process.
Add an X-Frame-Options HTTP response header:
X-Frame-Options: ALLOW-FROM http://mysite2.com