Tip
You can now control the CSP directive frame-ancestors via the environment variable CSP_FRAME_ANCESTORS.
For example to allow remote sources to allow VoucherVault being loaded via iframe.
The X-Frame-Options header is considered depreacted and was removed.