I have /my.policy overwriting every attempt I've made to disable this clickjacking protection.
I have a frame that needs to access APM and this damn header is constantly getting set. Using BIGIP 12, ...
forgot to mention, the server response header is always X-Frame-Options: DENY.
Closest I've come is to insert a header with that value but this results in duplicate headers.