Forum Stats

  • 3,840,303 Users
  • 2,262,583 Discussions


Oracle Application Container Cloud Service adds unwanted response headers to application requests

Hi everyone,

I deployed a NodeJS + Express application in Application Container Cloud Service instance running Node 8, on the eucom-north-1 data center.

Now, I wanted to put that application inside an iFrame, but every request I make to the application is coming back with an error stating it can't load the iFrame because it's denied due to the X-Frame-Option header set to Same Origin.

But I never set the X-Frame_Option header in my application. It seems that this header is being added automatically by OACCS.

Also, that doesn't seem to happen in all Application Container Cloud Service Engine versions, as I have access to an older version, running on the US Data Center, and the same exact application doesn't add the X-Frame_Options header.

How can we remove or configure the headers that are being returned with every request?

Kind Regards

José Rodrigues