In order to avoid clickjacking, I need to disable iframe access to my site in a similar fashion to using an X-Header with SAMEORIGIN using apache. However I'm using SunOne web server and changing it is not an option. Is there any way to do this that doesn't require a huge rewrite of what's already on the site?
I am using CentOS for the server.
Best Answer
http://docs.oracle.com/cd/E19554-01/819-4464-10/#wp34190
Looks like you'd want:
That said, this is a web server that was discontinued a decade ago...