In modern browsers (since March 2023) [Sec-Fetch-Dest](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Sec-Fetch-Dest) header to check if the request came from a frame
``` def in_iframe? request.headers["Sec-Fetch-Dest"].include? "frame" end ```

In modern browsers (since March 2023) [Sec-Fetch-Dest](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Sec-Fetch-Dest) header to check if the request came from a frame
``` def in_iframe? request.headers["Sec-Fetch-Dest"].include? "frame" end ```