diff --git a/src/webserver.js b/src/webserver.js
index 778829e4e6..624f08258d 100644
--- a/src/webserver.js
+++ b/src/webserver.js
@@ -159,7 +159,7 @@ var path = require('path'),
 res.locals.csrf_token = req.session._csrf;
 // Disable framing
- res.setHeader('X-Frame-Options', 'DENY');
+ res.setHeader('X-Frame-Options', 'SAMEORIGIN');
 next();
 });
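Review bot: The `// Disable framing` comment directly above the changed `res.setHeader` line is now inaccurate, because `SAMEORIGIN` permits framing by any page served from the same origin instead of refusing it; reword it to something like `// Allow framing by same-origin pages only (clickjacking protection)`. The header appears to be set in a middleware that runs before `next()`, so the relaxation likely applies to every route, including pages that carry the CSRF token assigned a few lines earlier. Same-origin framing is only as trustworthy as everything served from that origin, so if user-uploaded HTML is ever served from the same host (not visible in this hunk), it could embed these pages. If only specific views need embedding, consider keeping `DENY` as the default and relaxing it per route, and optionally pairing the header with a CSP `frame-ancestors 'self'` directive for browsers that prefer it. The enclosing middleware callback starts outside the hunk.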