Blocking iframe because it set 'X-Frame-Options' to 'DENY'.
I uploaded a project on the php server in my droplet which has both node and php server block on nginx. But when i opened it in the browser it isnt working because it works with i frames and in the console i see
Refused to display 'myiframe' in a frame because it set 'X-Frame-Options' to 'DENY'.
And also Uncaught SecurityError: Failed to read the 'contentDocument' property from 'HTMLIFrameElement': Sandbox access violation: Blocked a frame at "https://www.mydomain.com" from accessing a frame at "null". The frame being accessed is sandboxed and lacks the "allow-same-origin" flag.
What's the most secure way to deal with those headers on nginx and php?