iFrame Error in cms of test-environment

In my test-environment , i get following error, after log into cms

Refused to display 'http://cms.luctho.de/?1&iframe' in a frame because it set multiple 'X-Frame- 
Options' headers with conflicting values ('DENY, sameorigin'). Falling back to 'deny'.

Test-Environment: local virtual Server (Ubuntu) with virtual box. I added entry to etc/hosts to point on the local server. Site works fine and I can access the Url http://cms.luctho.de/?1&iframe without any issues.

Let me know if you need more information!

You need sameorigin i believe, so, make sure to remove whatever is setting ‘DENY’ header
(in most cases this is done by Spring Security, or similar security framework).

I have no Security Framework in place ! Its just brxm out of the box. No customization yet.
I think it must be a misconfiguration of reverse proxy (apache). When I bypass apache and call via localhost:8080 I have no error :frowning:

Speaking of which: since iframes are generally known to be a source of evil stemming from the 20th century, can we please get rid of them?