Disable x-frame-options in MVC3 or IIS 7.5

Question

I want to disable x-frame-options in my website, I want that no other website can show my webpages in their web pages using iframes. My website is made in ASP.net MVC3 and hosted in IIS 7.5.

Answer 1

There are a bunch of ways to go about this. But one of the easiest is adding <customHeaders> section to the web.config and it will append that header to each request.

<configuration>
   <system.webServer>
      <httpProtocol>
         <customHeaders>
            <add name="X-Frame-Options" value="DENY" />
         </customHeaders>
      </httpProtocol>
   </system.webServer>
</configuration>