X-Git-Url: https://git.ralfj.de/ansible.git/blobdiff_plain/c1f305f1d26a92eaa7130394d3e04f27b4149107..7b4085e4007a14c733f77dc275cece83a4e26d7c:/roles/apache/templates/security.conf

diff --git a/roles/apache/templates/security.conf b/roles/apache/templates/security.conf
index adefdd8..9334c36 100644
--- a/roles/apache/templates/security.conf
+++ b/roles/apache/templates/security.conf
@@ -59,7 +59,7 @@ Header set X-Content-Type-Options: "nosniff"
 # site as frames. This defends against clickjacking attacks.
 # Requires mod_headers to be enabled.
 #
-Header set X-Frame-Options: "sameorigin"
+Header add Content-Security-Policy "frame-ancestors 'self'"
 
 
 # vim: syntax=apache ts=4 sw=4 sts=4 sr noet