Configuring the IIS HTTP response header setting

To secure the web server and prevent clickjacking on the http://<server name>/CentralDesignerInstall page, from which you install the Central Designer and Central Designer Administrator applications, configure the HTTP response header in IIS.

1. Open the Internet Information Services (IIS) Manager.
2. In the Connections section on the left, expand the Sites folder.
3. Select Default Web Site.
4. In the Default Web Site Home pane, in the IIS section, double-click HTTP Response Headers.
5. In the Actions section on the right, click Add.

   The Add Custom HTTP Response Header dialog box appears.

6. Enter the following:
   • Name—X-Frame-Options
   • Value—SAMEORIGIN
7. Click OK.

Copyright © 2007, 2016 Oracle and/or its affiliates. All rights reserved.