Clickjacking https://blockstack.org/
Hiro
Team Summary
Official summary from Hiro
https://blockstack.org/ does not return an `X-FRAME-OPTIONS` header. However, because blockstack.org does not contain any endpoints where the UI is rendered to invoke a state change action on behalf of users, we do not believe that click-jacking presents a security vulnerability. (See this informative post by David Ross on when the `X-FRAME-OPTIONS` header is actually required: https://plus.google.com/u/0/+DavidRossX/posts/jVrtTRd5yKP.) If, however, a reporter finds UI elements on blockstack.org which do pose security vulnerabilities when click-jacked, please raise that as an issue.
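The triage rule in the summary, written as a small check (an added example, not code from the report or from Hiro): it classifies which framing protection a response carries and only flags the missing header when the page has state-changing UI. The header sets are constructed samples; the `state_changing_ui` flag is an assumed input that a triager supplies.

```python
"""Classify a response's anti-framing headers and apply the summary's triage rule.

Added example; the sample header dictionaries below are constructed, not
captured from blockstack.org.
"""
from typing import Dict


def frame_protection(headers: Dict[str, str]) -> str:
    """Return 'csp', 'xfo' or 'none' for the framing protection found.

    CSP frame-ancestors overrides X-Frame-Options in browsers that support
    both, so it is checked first. Header names are matched case-insensitively.
    """
    lower = {k.lower(): v for k, v in headers.items()}
    csp = lower.get("content-security-policy", "")
    for directive in csp.split(";"):
        parts = directive.strip().split()
        if parts and parts[0].lower() == "frame-ancestors":
            return "csp"
    # Only DENY and SAMEORIGIN are honoured; ALLOW-FROM is obsolete and
    # ignored by current browsers, so it is treated as no protection.
    xfo = lower.get("x-frame-options", "").strip().upper()
    if xfo in ("DENY", "SAMEORIGIN"):
        return "xfo"
    return "none"


def needs_frame_protection(headers: Dict[str, str], state_changing_ui: bool) -> bool:
    """Triage rule from the summary: a missing header is only a finding when
    the page renders UI that performs a state change on the user's behalf."""
    return state_changing_ui and frame_protection(headers) == "none"


# Constructed sample responses.
STATIC_SITE = {"Content-Type": "text/html"}  # no anti-framing header, like the report
XFO_SITE = {"X-Frame-Options": "SAMEORIGIN"}
CSP_SITE = {"Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'"}

if __name__ == "__main__":
    for name, hdrs in (("static", STATIC_SITE), ("xfo", XFO_SITE), ("csp", CSP_SITE)):
        print(name, frame_protection(hdrs), needs_frame_protection(hdrs, True))
```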
Reported by
blash41
Report Details
Additional information and metadata
State
Closed
Substate
Informative