I have tried an iframe: Doesn't work
If a simple
The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a
<iframe>. Sites can use this to avoid clickjacking attacks, by ensuring that their content is not embedded into other sites.