diff --git a/packaging/war/src/main/resources/alfresco/web-client-security-config.xml b/packaging/war/src/main/resources/alfresco/web-client-security-config.xml
index 87f6dd1a7c..0d5362bd14 100644
--- a/packaging/war/src/main/resources/alfresco/web-client-security-config.xml
+++ b/packaging/war/src/main/resources/alfresco/web-client-security-config.xml
@@ -184,5 +184,15 @@
-
+
+
+
+
+ X-Frame-Options
+ SAMEORIGIN
+
+
+
\ No newline at end of file
diff --git a/packaging/war/src/main/webapp/WEB-INF/web.xml b/packaging/war/src/main/webapp/WEB-INF/web.xml
index 9c102703d9..97af943fd3 100644
--- a/packaging/war/src/main/webapp/WEB-INF/web.xml
+++ b/packaging/war/src/main/webapp/WEB-INF/web.xml
@@ -104,6 +104,12 @@
org.springframework.extensions.webscripts.servlet.CSRFFilter
+
+ Security Headers filter. Adds security response headers based on config.
+ Security Headers Filter
+ org.springframework.extensions.webscripts.servlet.SecurityHeadersFilter
+
+
Clear security context filter
@@ -225,6 +231,11 @@
/wcs/admin/*
+
+ Security Headers Filter
+ /*
+
+