1. I have this url: http://subdomain.mydomain.com
2. In this subdomain there's a link that opens a login form in a iframe. The link's url is always http://www.mydomain.com/login.html
3. APACHE is set this way: X-Frame-Options:"SAMEORIGIN".
4. When I click to the link, the iframe is not working and the browser console show me this message: Refused to display 'http://www.mydomain.com/login.html' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
5. The iframe is working when the link is clicked from http://www.mydomain.com, but I need to work also if it's clicked from a subdomain page.
5. login.html is a jsp template from Oracle Webcenter Sites.
6. I want to change the HEADERS of that template. I tried to put this in the jsp template, but nothing seems to change: <% response.setHeader("X-Frame-Options","http://subdomain.mydomain.com"); %>
Is there a solution to allow iframes changing jsp code? Do I need to add/change something in web.xml or any other configuration file?
Thanks in advance!