X-Frame-Options header is set to SAMEORIGIN for portal

Description

After fixing SWC-4901, we noticed that an extra header X-Frame-Options with 'SAMEORIGIN' was returned by portal. Looking at code, it is specified unconditionally in security.conf and deployed in httpd configuration.

Environment

None

Status

Assignee

Xavier Schildwachter

Reporter

Xavier Schildwachter

Labels

None

Validator

Jay Hodgson

Release Version History

None

Components

Fix versions

Priority

Major
Configure