Forum Discussion

Nimbostratus

Oct 26, 2018

Insert X-Frame-Options Header using LTM Policy

I am looking to insert X-Frame-Options header usnig LTM Policy instead of iRules (less resource intensive). Has anyone done it and can confirm if the following would work please or can suggest a bett...

LTM

security

Kevin_Stewart

Employee

Oct 26, 2018

This policy would insert the X-Frame-Options header in the response if the server's response didn't include an X-Frame-Options header with the value "SAMEORIGIN".

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Insert X-Frame-Options Header using LTM Policy

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Changes to DO and AS3 GitHub - no longer monitored

GRE Tunnel Issue

Help with an iRule to disconnect active connections to Pool Members that are "offline"

GRPC through F5 Virtual Server [RST_STREAM with error code: INTERNAL_ERROR]

Illigal Parameter addition as custom signature set wanted to Unblock

Related Content

Removing x-frame-options header from response when using APM

Security Headers Insertion

Strict header Insertion

Set x-frames-options header values depending on URI

Clickjacking Protection Using X-FRAME-OPTIONS Available for Firefox

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS