IIS 7 and Above
Re: X-Frame-Options headers
Apr 05, 2019 06:49 AM|Jalpa Panchal|LINK
X-Frame-Options header used to control whether a page can be placed in an IFRAME.
There are three possible directives for X-Frame-Options:
Not only will attempts to load the page in a frame fail when loaded from other sites, but attempts to do so will also fail when loaded from the same site.
You can still use the page in a frame as long as the site including it in a frame is the same as the one serving the page.
The page can only be displayed in a frame on the specified origin. Note that in Firefox this still suffers from the same problem as sameorigin did — it doesn't check the frame ancestors to see if they are in the same origin.
<add name="X-Frame-Options" value="ALLOW-FROM http://www.sample2.com" />
You could also refer below article: