Is it possible to configure the X-Frame-Options Header in Piwik without hacking any core files?
My Problem: Our Apache Webserver is setting X-Frame-Options: SAMEORIGIN on every request.
Piwik is sending an empty X-Frame-Options Header when we are embedding a Piwik widget on some website via iframe
<iframe src="https://www.mysite.xy/piwik/index.php?module=Widgetize&action=iframe..."></iframe>
This is OK in Firefox and IE, but Chrome won’t display the iframe showing this error instead
[quote=“Multiple ‘X-Frame-Options’ headers with conflicting values ('SAMEORIGIN, ') encountered when loading ‘http://mysite.xy’. Falling back to ‘DENY’.”][/quote]
I found out this is set in core/View.php (setXFrameOptions()). But how can I configure setXFrameOptions() to always send a SAMEORIGIN header or not to send any X-Frame-Options header at all without modifying View.php?
many thanks
(Using Piwik 2.10.0 and Chrome 39.0 on a Mac)