I’m running Nginx 1.4.4 on Ubuntu 12.04 and have added the
X-Frame-Options header for one of my sites but in testing it appears
that Nginx includes this itself in addition to user configured headers.
Basically I want X-Frame-Options to be DENY but when I set that header
Nginx also sends an X-Frame-Options SAMEORIGIN header so that there are
two X-Frame-Options headers in every request.
Is there some way to disable the extra header? I can’t find anything in
my configuration that would add the second header.